2 matches found
CVE-2024-37109
CVE-2024-37109 affects Wishlist Member X (WishList Member X) with impact on versions up to 3.26.7. Connected sources indicate an Authenticated (Subscriber+) Remote Code Execution path, i.e., requiring at least subscriber privileges, not necessarily unauthenticated. Public details also show multip...
WordPress WishList Member X Plugin < 3.26.7 is vulnerable to Arbitrary Code Execution
Software WishList Member X Type Plugin Vulnerable versions 3.26.7 Fixed in 3.26.7 OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-37109 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID fa508ef02b6e Credits Dave Jong Patchstack Required...