6 matches found
CVE-2024-10262
The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.7.14. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible fo...
CVE-2024-10262
creationtimestamp| type| source ---|---|--- 2024-11-16 03:25:11+00:00| seen| https://infosec.exchange/users/cve/statuses/113490494137847924 2024-11-16 06:02:43+00:00| seen| https://t.me/cvedetector/11223...
CVE-2024-10262
The CVE-2024-10262 entry concerns the WordPress plugin Drop Shadow Boxes (versions
CVE-2024-10262 Drop Shadow Boxes <= 1.7.14 - Authenticated (Subscriber+) Arbitrary Shortcode Execution
The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.7.14. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible fo...
CVE-2024-10262 Drop Shadow Boxes <= 1.7.14 - Authenticated (Subscriber+) Arbitrary Shortcode Execution
The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.7.14. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible fo...
WordPress Drop Shadow Boxes Plugin <= 1.7.14 is vulnerable to Arbitrary Code Execution
Software Drop Shadow Boxes Type Plugin Vulnerable versions = 1.7.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-10262 Patch priority High CVSS severity High 6.3 Developer Claim ownership PSID ab9605f66d27 Credits Arkadiusz Hydzik Required privilege...