EUVD-2023-57532

Malicious code in bioql PyPI...

CVE-2023-5201

The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...

PT-2024-23740 · Unknown +1 · Adsense Ads +1

Name of the Vulnerable Software and Affected Versions: Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress versions up to, and including, 2.5.0 Description: The issue allows for Remote Code Execution via the insert php shortcode due to the lack of restrictions on its...

CVE-2023-5201

The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...

CVE-2023-5201 OpenHook <= 4.3.0 - Authenticated (Subscriber+) Remote Code Execution via Shortcode

The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...

CVE-2023-4994

The Allow PHP in Posts and Pages plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.0.4 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server...

PT-2023-31415 · WordPress · Allow Php In Posts/Pages

Name of the Vulnerable Software and Affected Versions: Allow PHP in Posts and Pages plugin for WordPress versions up to, and including, 3.0.4 Description: The issue allows authenticated attackers with subscriber-level permissions or above to execute code on the server via the php shortcode. This...

VulnCheck KEV: CVE-2023-4994

The Allow PHP in Posts and Pages plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.0.4 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server...

WordPress Plugin Allow PHP in Posts and Pages Code Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...