Plugin allows high privilege users to execute arbitrary PHP code, despite hardened environment settings. Vendor and WP plugins team notified with no response. (100 chars
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
CVE | CVE-2021-24537 | 8 Nov 202118:15 | – | cve |
Patchstack | WordPress Similar Posts plugin <= 3.1.5 - Arbitrary PHP Code Execution vulnerability | 11 Oct 202100:00 | – | patchstack |
Cvelist | CVE-2021-24537 Similar Posts <= 3.1.5 - Admin+ Arbitrary PHP Code Execution | 8 Nov 202117:34 | – | cvelist |
CNVD | WordPress Similar Posts plugin code injection vulnerability | 10 Nov 202100:00 | – | cnvd |
NVD | CVE-2021-24537 | 8 Nov 202118:15 | – | nvd |
wpexploit | Similar Posts < 3.1.6 - Admin+ Arbitrary PHP Code Execution | 11 Oct 202100:00 | – | wpexploit |
Prion | Design/Logic Flaw | 8 Nov 202118:15 | – | prion |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo