2 matches found
DEBIAN-CVE-2021-44223
WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin...
PT-2021-24068 · WordPress +1 · Wordpress +1
Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.8 Description: The issue makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming...