CVE-2024-34528

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

Race Condition

wordops is vulnerable to Time-of-check Time-of-use TOCTOU Race Condition in stackpref.py. The vulnerability is due to calling os.open without a mode parameter during file creation, potentially allowing an attacker to manipulate the file before it is opened by the application...

GHSA-23QQ-P4GQ-GC2G WordOps has TOCTOU race condition

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

WordOps has TOCTOU race condition

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

PYSEC-2024-175

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

CVE-2024-34528

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

PYSEC-2024-175

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

CVE-2024-34528

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

CVE-2024-34528

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

WordOps 安全漏洞

WordOps is an important toolset from WordOps that simplifies WordPress website and server management. A security vulnerability exists in WordOps 3.20.0 and earlier versions, which stems from the presence of a TOCTOU contention condition in wo/cli/plugins/stackpref.py because confpath os.open does...

CVE-2024-34528

WordOps up to version 3.20.0 is affected by a TOCTOU race condition in wo/cli/plugins/stack_pref.py. The root cause is conf_path os.open being used without a mode parameter during file creation, enabling a potential local race condition. The CVE (CVE-2024-34528) documents a HIGH-severity impact (...

PT-2024-25950 · Wordops · Wordops

Name of the Vulnerable Software and Affected Versions: WordOps versions prior to 3.20.1 Description: The issue is related to a TOCTOU race condition in the wo/cli/plugins/stack pref.py file. This occurs because the conf path os.open does not use a mode parameter during file creation, potentially...

CVE-2024-34528

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...