6 matches found
Exploit for CVE-2024-12252
SEO LAT Auto Post = 2.2.1 - Remote Code Execution Descrip...
WordPress SEO LAT Auto Post 2.2.1 Remote Code Execution
WordPress SEO LAT Auto Post plugin versions 2.2.1 and below suffer from a remote code execution vulnerability...
CVE-2024-12252
The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing capability check on the remoteupdate AJAX action in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to overwrite the seo-beginner-auto-post.php file which can...
CVE-2024-12252
The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing capability check on the remoteupdate AJAX action in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to overwrite the seo-beginner-auto-post.php file which can...
CVE-2024-12252
The CVE-2024-12252 entry concerns the WordPress plugin SEO LAT Auto Post (versions up to 2.2.1). A missing capability check on the remote_update AJAX action allows unauthenticated attackers to overwrite the seo-beginner-auto-post.php file, enabling remote code execution. Related connected documen...
CVE-2024-12252 SEO LAT Auto Post <= 2.2.1 - Missing Authorization to File Overwrite/Upload (Remote Code Execution)
The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing capability check on the remoteupdate AJAX action in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to overwrite the seo-beginner-auto-post.php file which can...