4 matches found
CVE-2024-9837 AADMY – Add Auto Date Month Year Into Posts <= 2.0.1 - Unauthenticated Arbitrary Shortcode Execution
The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode...
CVE-2024-9837 AADMY – Add Auto Date Month Year Into Posts <= 2.0.1 - Unauthenticated Arbitrary Shortcode Execution
The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode...
CVE-2024-9837
CVE-2024-9837 – AADMY WordPress plugin : The plugin “Add Auto Date Month Year Into Posts” is vulnerable in all versions up to 2.0.1 due to improper validation before running do_shortcode, enabling unauthenticated arbitrary shortcode execution. Impact: attackers can run arbitrary shortcodes, poten...
WordPress AADMY Plugin <= 2.0.1 is vulnerable to Content Injection
Software AADMY Type Plugin Vulnerable versions = 2.0.1 Fixed in 2.0.2 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-9837 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e1df1286c7c4 Credits Francesco Carlucci Required privilege...