Lucene search
+L

8 matches found

nuclei
nuclei
added 12 hours ago119 views

WP Query Console <= 1.0 - Remote Code Execution

Improper Control of Generation of Code 'Code Injection' vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Console- from n/a through 1.0. id: CVE-2024-50498 info: name: WP Query Console = 1.0 - Remote Code Execution author: s4e-io severity: critical...

10CVSS7.2AI score0.5364EPSS
Exploits4References4
vulncheck_kev
vulncheck_kev
added 2025/06/08 12:0 a.m.7 views

VulnCheck KEV: CVE-2024-50498

Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...

9.8CVSS5.8AI score0.5364EPSS
Exploits4References1
nvd
nvd
added 2024/10/28 12:15 p.m.36 views

CVE-2024-50498

Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...

10CVSS0.5364EPSS
Exploits4References2
osv
osv
added 2024/10/28 12:15 p.m.6 views

CVE-2024-50498

Improper Control of Generation of Code 'Code Injection' vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Console: from n/a through 1.0...

9.8CVSS5.8AI score0.5364EPSS
Exploits4References2
cve
cve
added 2024/10/28 11:24 a.m.120 views

CVE-2024-50498

Summary of CVE-2024-50498: The WordPress plugin WP Query Console ≤ 1.0 is vulnerable to an unauthenticated Remote Code Execution due to improper control of code generation, enabling arbitrary PHP execution via a crafted REST request (example: POST to /wp-json/wqc/v1/query with {"queryArgs":"phpin...

10CVSS7.4AI score0.5364EPSS
In wildExploits4References2Affected Software1
vulnrichment
vulnrichment
added 2024/10/28 11:24 a.m.20 views

CVE-2024-50498 WordPress WP Query Console plugin <= 1.0 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...

10CVSS7.4AI score0.5364EPSS
Exploits4References1
cvelist
cvelist
added 2024/10/28 11:24 a.m.43 views

CVE-2024-50498 WordPress WP Query Console plugin <= 1.0 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...

10CVSS0.5364EPSS
Exploits4References1
patchstack
patchstack
added 2024/10/25 12:0 a.m.21 views

WordPress WP Query Console Plugin <= 1.0 is vulnerable to Remote Code Execution (RCE)

Software WP Query Console Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-50498 Patch priority High CVSS severity High 10 Developer Claim ownership PSID af5ddac5f157 Credits stealthcopter Required privilege...

10CVSS7.6AI score0.5364EPSS
Exploits4References1Affected Software1
Rows per page
Query Builder