Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:34 a.m.6 views

CVE-2024-9529

The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin before 6.3.6.3, Advanced Custom Fields Pro WordPress plugin before 6.3.9 does not prevent users from running arbitrary functions through its setting import functionalities, which could allow high privile...

6.6CVSS6.8AI score0.00435EPSS
Exploits1References1
Circl
Circl
added 2024/11/15 6:18 a.m.4 views

CVE-2024-9529

creationtimestamp| type| source ---|---|--- 2024-11-15 06:18:33+00:00| seen| https://infosec.exchange/users/cve/statuses/113485513577251295 2024-11-15 09:23:49+00:00| seen| https://t.me/cvedetector/11049...

6.6CVSS4.8AI score0.00435EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/15 6:0 a.m.20 views

CVE-2024-9529 Secure Custom Fields < 6.3.6.3 - Admin+ Remote Code Execution

The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin before 6.3.6.3, Advanced Custom Fields Pro WordPress plugin before 6.3.9 does not prevent users from running arbitrary functions through its setting import functionalities, which could allow high privile...

0.00435EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/15 6:0 a.m.8 views

CVE-2024-9529 Secure Custom Fields < 6.3.6.3 - Admin+ Remote Code Execution

The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin before 6.3.6.3, Advanced Custom Fields Pro WordPress plugin before 6.3.9 does not prevent users from running arbitrary functions through its setting import functionalities, which could allow high privile...

6.8AI score0.00435EPSS
Exploits1References1
CVE
CVE
added 2024/11/15 6:0 a.m.130 views

CVE-2024-9529

CVE-2024-9529 affects WordPress plugins Secure Custom Fields (Secure Custom Fields WordPress plugin) up to versions before 6.3.9 and 6.3.6.3, and Advanced Custom Fields Pro up to before 6.3.9. Root cause: the plugins’ Settings Import functionality does not prevent executing arbitrary PHP function...

6.6CVSS6.4AI score0.00435EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/09 12:0 a.m.23 views

WordPress Advanced Custom Fields PRO Plugin <= 6.3.7 is vulnerable to Arbitrary Code Execution

Software Advanced Custom Fields PRO Type Plugin Vulnerable versions = 6.3.7 Fixed in 6.3.8 OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-9529 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID aa150d72013d Credits Automattic Security Team...

6.6CVSS6.7AI score0.00435EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2024/10/07 12:0 a.m.32 views

WordPress Advanced Custom Fields Plugin <= 6.3.6 is vulnerable to Arbitrary Code Execution

Software Advanced Custom Fields Type Plugin Vulnerable versions = 6.3.6 Fixed in 6.3.6.1 OWASP Top 10 A1: Injection Classification Arbitrary Code Execution CVE CVE-2024-9529 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 2b40e735610b Credits Automattic Security Team...

6.6CVSS6.7AI score0.00435EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder