Lucene search
K

4 matches found

NVD
NVD
added 2024/09/25 3:15 a.m.25 views

CVE-2024-8481

The The Special Text Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 6.2.4. This is due to the plugin adding the filter addfilter'commenttext', 'doshortcode'; which will run all shortcodes in comments. This makes it possible for...

7.3CVSS0.00649EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/25 2:5 a.m.15 views

CVE-2024-8481 Special Text Boxes <= 6.2.2 - Unauthenticated Arbitrary Shortcode Execution

The The Special Text Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 6.2.2. This is due to the plugin adding the filter addfilter'commenttext', 'doshortcode'; which will run all shortcodes in comments. This makes it possible for...

7.3CVSS7.7AI score0.00649EPSS
Exploits0References2
CVE
CVE
added 2024/09/25 2:5 a.m.50 views

CVE-2024-8481

CVE-2024-8481 affects the WordPress plugin Special Text Boxes up to 6.2.2 due to the filter add_filter('comment_text','do_shortcode') allowing unauthenticated arbitrary shortcode execution in comments. A patch exists; upgrade to 6.2.4 or later to remediate.

7.3CVSS6.2AI score0.00649EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.15 views

WordPress Special Text Boxes Plugin <= 6.2.2 is vulnerable to Bypass Vulnerability

Software Special Text Boxes Type Plugin Vulnerable versions = 6.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Bypass Vulnerability CVE CVE-2024-8481 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID ff741af18511 Credits Francesco Carlucci Required privilege...

7.3CVSS9.5AI score0.00649EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder