Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2024/11/28 9:47 a.m.17 views

CVE-2024-8672 Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution

The Widget Options – The 1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.0.7 via the display logic functionality that extends several page builders. This is due to the plugin allowing users to supply inp...

9.9CVSS7.9AI score0.43797EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/11/28 9:47 a.m.29 views

CVE-2024-8672 Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution

The Widget Options – The 1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.0.7 via the display logic functionality that extends several page builders. This is due to the plugin allowing users to supply inp...

9.9CVSS0.43797EPSS
Exploits1References5
Patchstack
Patchstack
added 2024/11/27 12:0 a.m.41 views

WordPress Widget Options Plugin <= 4.0.7 is vulnerable to Remote Code Execution (RCE)

Software Widget Options Type Plugin Vulnerable versions = 4.0.7 Fixed in 4.0.8 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-8672 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 44c40aa090ca Credits Webbernaut Required privilege...

7.6AI score0.43797EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder