7 matches found
VulnCheck KEV: CVE-2022-24663
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user...
WordPress PHP Everywhere Plugin <= 2.0.3 is vulnerable to Remote Code Execution (RCE)
Software PHP Everywhere Type Plugin Vulnerable versions = 2.0.3 Fixed in 3.0.0 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2022-24663 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 39f7e97ee70f Credits Ramuel Gall Required privilege...
CVE-2022-24663 Remote Code Execution by Subscriber+ users via WordPress shortcode
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user...
CVE-2022-24663
CVE-2022-24663 affects the WordPress PHP Everywhere plugin (versions
CVE-2022-24663 Remote Code Execution by Subscriber+ users via WordPress shortcode
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user...
CVE-2022-24663
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
PHP Everywhere 2.0.3 Remote Code Execution
On January 4, 2022, the Wordfence Threat Intelligence team began the responsible disclosure process for several Remote Code Execution vulnerabilities in PHP Everywhere, a WordPress plugin installed on over 30,000 websites. One of these vulnerabilities allowed any authenticated user of any level,...