4 matches found
CVE-2024-22144 WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.21.96 - Unauthenticated Predictable Nonce Brute-Force Leading to RCE vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Eli Scheetz Anti-Malware Security and Brute-Force Firewall gotmls allows Code Injection.This issue affects Anti-Malware Security and Brute-Force Firewall: from n/a through 4.21.96...
CVE-2024-22144 WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.21.96 - Unauthenticated Predictable Nonce Brute-Force Leading to RCE vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Eli Scheetz Anti-Malware Security and Brute-Force Firewall gotmls allows Code Injection.This issue affects Anti-Malware Security and Brute-Force Firewall: from n/a through 4.21.96...
CVE-2024-22144
The CVE-2024-22144 entry relates to the WordPress plugin “Anti-Malware Security and Brute-Force Firewall” ≤ 4.21.96, where an improper control of code generation enables unauthenticated code execution (RCE) via a predictable nonce/brute-force approach. Affected component: the plugin’s nonce/autho...
WordPress Anti-Malware Security and Brute-Force Firewall Plugin <= 4.21.96 is vulnerable to Remote Code Execution (RCE)
Software Anti-Malware Security and Brute-Force Firewall Type Plugin Vulnerable versions = 4.21.96 Fixed in 4.23.56 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-22144 Patch priority High CVSS severity High 9 Developer Claim ownership PSID 7fc7064849ae Credits...