Описание
An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function.
An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-32358
- https://gist.github.com/rootlili/a6b6c89591f4773857ae81b7ca5898bc
- https://gitee.com/JPressProjects/jpress/releases/tag/v5.1.0
- https://github.com/JPressProjects/jpress/releases/tag/v5.1.0
- https://www.jpress.cn/download
- https://www.wolai.com/catr00t/2LujDzjjcrAjUYpWtcusXD
Связанные уязвимости
CVSS3: 7.5
nvd
почти 2 года назад
An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function, a different vulnerability than CVE-2024-43033.