Lucene search

WpvulndbWPVDB-ID:0431A8BE-A671-4302-A6E0-98744EABD3B2

HistoryApr 23, 2024 - 12:00 a.m.

WP Dummy Content Generator < 3.3.0 - Unauthenticated Code Injection

2024-04-2300:00:00

wpscan.com

wordpress

remote code execution

unauthenticated

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

Percentile

9.0%

JSON

Description The WP Dummy Content Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to 3.3.0 (exclusive). This makes it possible for unauthenticated attackers to execute code on the server.

References

www.wordfence.com/threat-intel/vulnerabilities/id/a2bda5d0-9589-4925-baa6-6e207e6fc978

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for WPVDB-ID:0431A8BE-A671-4302-A6E0-98744EABD3B2