Lucene search
K

4 matches found

vulnrichment
vulnrichment
added 2024/10/15 7:30 a.m.8 views

CVE-2024-9837 AADMY – Add Auto Date Month Year Into Posts <= 2.0.1 - Unauthenticated Arbitrary Shortcode Execution

The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode...

7.3CVSS7.4AI score0.00585EPSS
Exploits0References4
cvelist
cvelist
added 2024/10/15 7:30 a.m.17 views

CVE-2024-9837 AADMY – Add Auto Date Month Year Into Posts <= 2.0.1 - Unauthenticated Arbitrary Shortcode Execution

The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode...

7.3CVSS0.00585EPSS
Exploits0References4
cve
cve
added 2024/10/15 7:30 a.m.42 views

CVE-2024-9837

CVE-2024-9837 – AADMY WordPress plugin : The plugin “Add Auto Date Month Year Into Posts” is vulnerable in all versions up to 2.0.1 due to improper validation before running do_shortcode, enabling unauthenticated arbitrary shortcode execution. Impact: attackers can run arbitrary shortcodes, poten...

7.3CVSS7.6AI score0.00585EPSS
Exploits0References4
patchstack
patchstack
added 2024/10/15 12:0 a.m.9 views

WordPress AADMY Plugin <= 2.0.1 is vulnerable to Content Injection

Software AADMY Type Plugin Vulnerable versions = 2.0.1 Fixed in 2.0.2 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-9837 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e1df1286c7c4 Credits Francesco Carlucci Required privilege...

7.3CVSS6.8AI score0.00585EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder