exploitDog

GHSA-xv4g-g9fh-fqrj

Опубликовано: 19 авг. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.

The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.

Ссылки

EPSS

Процентиль: 97%

0.41799

Средний

9.8 Critical

CVSS3

CVE ID

Связанные уязвимости

CVE-2024-6330

CVSS3: 9.8

nvd

больше 1 года назад

The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.

EPSS

Процентиль: 97%

0.41799

Средний

9.8 Critical

CVSS3

CVE ID