4 matches found
CVE-2024-9839
creationtimestamp| type| source ---|---|--- 2024-11-16 04:10:14+00:00| seen| https://infosec.exchange/users/cve/statuses/113490671306133613 2024-11-16 06:02:23+00:00| seen| https://t.me/cvedetector/11209...
CVE-2024-9839
CVE-2024-9839 concerns the WordPress plugin Uix Slideshow . It is vulnerable to unauthenticated arbitrary shortcode execution in all versions up to and including 1.6.5 , caused by executing an action that does not properly validate values before running do_shortcode. Connected sources collapse th...
CVE-2024-9839 Uix Slideshow <= 1.6.5 - Unauthenticated Arbitrary Shortcode Execution
The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
WordPress Uix Slideshow Plugin <= 1.6.5 is vulnerable to Arbitrary Code Execution
Software Uix Slideshow Type Plugin Vulnerable versions = 1.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-9839 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID c288369c6e6c Credits Francesco Carlucci Required privilege...