53 matches found
EUVD-2021-10328
Malware in sbrugna...
EUVD-2022-29539
Malicious code in bioql PyPI...
EUVD-2022-29538
Malicious code in bioql PyPI...
CVE-2022-24663
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user...
CVE-2022-24665
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts...
CVE-2022-24664
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts...
VulnCheck KEV: CVE-2022-24665
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts...
VulnCheck KEV: CVE-2022-24663
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user...
VulnCheck KEV: CVE-2022-24664
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts...
WordPress PHP Everywhere Plugin <= 2.0.3 is vulnerable to Remote Code Execution (RCE)
Software PHP Everywhere Type Plugin Vulnerable versions = 2.0.3 Fixed in 3.0.0 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2022-24665 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 613af699ce95 Credits Ramuel Gall Required privilege...
WordPress PHP Everywhere Plugin <= 2.0.3 is vulnerable to Remote Code Execution (RCE)
Software PHP Everywhere Type Plugin Vulnerable versions = 2.0.3 Fixed in 3.0.0 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2022-24664 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 03f2a970e135 Credits Ramuel Gall Required privilege...
WordPress PHP Everywhere Plugin <= 2.0.3 is vulnerable to Remote Code Execution (RCE)
Software PHP Everywhere Type Plugin Vulnerable versions = 2.0.3 Fixed in 3.0.0 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2022-24663 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 39f7e97ee70f Credits Ramuel Gall Required privilege...
PHP Everywhere Plugin for WordPress < 3.0.0 Remote Code Execution
The WordPress PHP Everywhere Plugin installed on the remote host is affected by multiple remote code execution vulnerabilities. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...
The vulnerability of the wp_ajax_parse_media_shortcode() function in the PHP plugin for implementing PHP Everywhere allows a hacker to execute arbitrary code.
The vulnerability of the wpajaxparsemediashortcode function in the PHP plugin for implementing PHP Everywhere is related to incorrect code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability lies in the implementation of the edit_posts permission plugin for PHP code, which allows a hacker to execute arbitrary code.
The vulnerability of the editposts permission implementation in the PHP plugin for PHP Everywhere is related to incorrect code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely using metashells...
CVE-2022-24665
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts...
CVE-2022-24664
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts...
CVE-2022-24663
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user...
CVE-2022-24665
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts...
CVE-2022-24664
PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts...