10 matches found
EUVD-2024-0892
Malicious code in bioql PyPI...
CVE-2024-28850
WP Crontrol controls the cron events on WordPress websites. WP Crontrol includes a feature that allows administrative users to create events in the WP-Cron system that store and execute PHP code subject to the restrictive security permissions documented here. While there is no known vulnerability...
MAL-2024-12105 Malicious code in wp-crontrol (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 11dbd6b64c95e1656b934ea5eb5777054646b14af3e48acd8ea85546f3a0a930 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-9XVF-CJVF-FF5Q WP Crontrol vulnerable to possible RCE when combined with a pre-condition
Impact WP Crontrol includes a feature that allows administrative users to create events in the WP-Cron system that store and execute PHP code subject to the restrictive security permissions documented here. While there is no known vulnerability in this feature on its own, there exists potential f...
WP Crontrol vulnerable to possible RCE when combined with a pre-condition
Impact WP Crontrol includes a feature that allows administrative users to create events in the WP-Cron system that store and execute PHP code subject to the restrictive security permissions documented here. While there is no known vulnerability in this feature on its own, there exists potential f...
CVE-2024-28850 WP Crontrol possible RCE when combined with a pre-condition
WP Crontrol controls the cron events on WordPress websites. WP Crontrol includes a feature that allows administrative users to create events in the WP-Cron system that store and execute PHP code subject to the restrictive security permissions documented here. While there is no known vulnerability...
CVE-2024-28850 WP Crontrol possible RCE when combined with a pre-condition
WP Crontrol controls the cron events on WordPress websites. WP Crontrol includes a feature that allows administrative users to create events in the WP-Cron system that store and execute PHP code subject to the restrictive security permissions documented here. While there is no known vulnerability...
CVE-2024-28850 WP Crontrol possible RCE when combined with a pre-condition
WP Crontrol controls the cron events on WordPress websites. WP Crontrol includes a feature that allows administrative users to create events in the WP-Cron system that store and execute PHP code subject to the restrictive security permissions documented here. While there is no known vulnerability...
CVE-2024-28850
WP Crontrol for WordPress can enable remote code execution if an attacker chains it with another vulnerability (e.g., a writeable SQLi or arbitrary wp_options updates) that grants control over PHP cron event parameters. The issue is not in the feature itself, but in how a pre-condition could allo...
WordPress plugin WP Crontrol 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...