CVE-2024-11733

CVE-2024-11733 concerns WordPress Popular Posts for WordPress. Affected: all versions up to and including 7.1.0. Root cause: unvalidated value is passed to do_shortcode, allowing an attacker to trigger shortcode execution. Impact: unauthenticated attackers can execute arbitrary shortcodes, enabli...

CVE-2024-11733 WordPress Popular Posts <= 7.1.0 - Unauthenticated Arbitrary Shortcode Execution

The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...

CVE-2024-11733 WordPress Popular Posts <= 7.1.0 - Unauthenticated Arbitrary Shortcode Execution

The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...

Friday Squid Blogging: Anniversary Post

I made my first squid post nineteen years ago this week. Between then and now, I posted something about squid every week with maybe only a few exceptions. There is a lot out there about squid, even more if you count the other meanings of the word. Blog moderation policy...

WordPress Popular Posts plugin <= 7.1.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by mikemyers in WordPress Plugin Popular Posts versions = 7.1.0...

CVE-2024-56262

creationtimestamp| type| source ---|---|--- 2025-01-02 12:21:34+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2tyuxa22a 2025-01-02 12:42:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ler3zporn52r 2025-01-02 14:14:57+00:00| seen|...

CVE-2024-56259

creationtimestamp| type| source ---|---|--- 2025-01-02 12:21:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2trqej52i 2025-01-02 12:42:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ler3zq67lm2g 2025-01-02 14:15:07+00:00| seen|...

CVE-2024-37518

creationtimestamp| type| source ---|---|--- 2025-01-02 12:19:38+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2qkge732i 2025-01-02 18:08:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113760095804141325...

CVE-2024-37448

creationtimestamp| type| source ---|---|--- 2025-01-02 12:19:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2pihnrt2i 2025-01-02 17:08:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113759859632900813...

CVE-2023-45636

creationtimestamp| type| source ---|---|--- 2025-01-02 12:15:59+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2jzaqv32i 2025-01-02 12:38:04+00:00| seen| https://infosec.exchange/users/cve/statuses/113758796727499328...

CVE-2023-46637 WordPress Generate Dummy Posts plugin <= 1.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Saurav Sharma Generate Dummy Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Generate Dummy Posts: from n/a through 1.0.0...

CVE-2024-12595

creationtimestamp| type| source ---|---|--- 2025-01-02 06:15:24+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3leqgfaacn52m 2025-01-02 06:47:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3leqi6btdre2q 2025-01-02 08:23:27+00:00| seen|...

PT-2025-1526 · Unknown · Generate Dummy Posts

Name of the Vulnerable Software and Affected Versions: Generate Dummy Posts versions 1.0.0 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can lead to unauthorized access du...

CVE-2025-0167

creationtimestamp| type| source ---|---|--- 2024-12-31 23:33:36+00:00| seen| https://mastodon.social/users/bagder/statuses/113750049544852986 2024-12-31 23:33:49+00:00| seen| https://bsky.app/profile/bagder.mastodon.social.ap.brid.gy/post/3len7hvuu46i2 2025-02-05 07:24:03+00:00| seen|...

CVE-2024-56040

creationtimestamp| type| source ---|---|--- 2024-12-31 14:16:00+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lemacrsaba2c 2024-12-31 16:13:19+00:00| seen| https://t.me/cvedetector/14025 2025-01-01 18:36:25+00:00| seen|...

CVE-2024-46972

creationtimestamp| type| source ---|---|--- 2024-12-28 04:58:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113728677913660600 2024-12-28 05:15:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ledqpgblcy2i 2024-12-28 07:04:43+00:00| seen|...

CVE-2024-53185

creationtimestamp| type| source ---|---|--- 2024-12-27 14:16:34+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lec6hzy3pq25 2024-12-27 15:07:02+00:00| seen| https://infosec.exchange/users/cve/statuses/113725408637101324...

CVE-2024-3393

creationtimestamp| type| source ---|---|--- 2024-12-27 01:30:00+00:00| seen| https://security.paloaltonetworks.com/CVE-2024-3393 2024-12-27 03:03:19+00:00| seen| https://bsky.app/profile/ripjyr.bsky.social/post/3leayuapjiy2p 2024-12-27 03:56:41+00:00| seen|...

CVE-2024-33112

creationtimestamp| type| source ---|---|--- 2024-12-26 20:36:59+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113721043770547462 2024-12-27 10:06:23+00:00| seen| https://bsky.app/profile/hackingne.ws/post/3lebqiq2tvs2l 2024-12-27 17:27:32+00:00| exploited|...

CVE-2024-56431

creationtimestamp| type| source ---|---|--- 2024-12-25 17:07:40+00:00| seen| https://infosec.exchange/users/cve/statuses/113714558412280277 2024-12-25 17:15:29+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3le5hk6xugy22 2024-12-25 18:49:53+00:00| seen|...