CVE-2024-28850
WP Crontrol for WordPress can enable remote code execution if an attacker chains it with another vulnerability (e.g., a writeable SQLi or arbitrary wp_options updates) that grants control over PHP cron event parameters. The issue is not in the feature itself, but in how a pre-condition could allo...