The vulnerability of the `cp_plugins_do_button_job_later_callback` function in the Tree Sitemap WordPress plugin allows a hacker to execute arbitrary code.

The vulnerability of the cppluginsdobuttonjoblatercallback function in the Tree Sitemap WordPress plugin is related to authentication process errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

WordPress plugin authorization issue vulnerability (CNVD-2021-36538)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . An authorization issue vulnerability exists in versions o...

CVE-2021-24192

Low privileged users can use the AJAX action 'cppluginsdobuttonjoblatercallback' in the Tree Sitemap WordPress plugin before 2.9, to install any plugin including a specific version from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install...

CVE-2021-24192 Tree Sitemap < 2.9 - Arbitrary Plugin Installation/Activation via Low Privilege User

Low privileged users can use the AJAX action 'cppluginsdobuttonjoblatercallback' in the Tree Sitemap WordPress plugin before 2.9, to install any plugin including a specific version from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install...

WordPress plugin Tree Sitemap 安全漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . An authorization issue vulnerability exists in versions o...

WordPress Tree Sitemap plugin <= 2.8 - Arbitrary Plugin Installation and Activation vulnerability

Arbitrary Plugin Installation and Activation vulnerability discovered by Bugbang in WordPress Tree Sitemap plugin versions = 2.8. Solution This plugin has been closed as of March 23, 2021 and is not available for download. This closure is temporary, pending a full review...