3 matches found
CVE-2023-51420
Improper Control of Generation of Code 'Code Injection' vulnerability in Soft8Soft LLC Verge3D Publishing and E-Commerce.This issue affects Verge3D Publishing and E-Commerce: from n/a through 4.5.2...
CVE-2023-51420
The CVE-2023-51420 entry concerns the WordPress Verge3D Plugin (Verge3D Publishing and E‑Commerce) up to version 4.5.2, with an improper control of generation of code vulnerability that enables remote code execution (RCE). According to Patchstack and CVE records, vulnerable versions are
WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Remote Code Execution (RCE)
Software Verge3D Type Plugin Vulnerable versions = 4.5.2 Fixed in 4.5.3 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2023-51420 Patch priority Medium CVSS severity Medium 9.1 Developer Claim ownership PSID ab5d91bd1b2c Credits Rafie Muhammad Patchstack Required...