CVE-2024-4037

Опубликовано: 24 мая 2024

Источник: nvd

CVSS3: 6.5

CVSS3: 7.3

EPSS Низкий

Описание

The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.7.02.003. This is due to the plugin allowing unauthenticated users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Ссылки

https://plugins.trac.wordpress.org/browser/wp-photo-album-plus/trunk/wppa-ajax.php#L1138
Product
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3078746%40wp-photo-album-plus&new=3078746%40wp-photo-album-plus&sfp_email=&sfph_mail=#file3
Patch
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3079831%40wp-photo-album-plus&new=3079831%40wp-photo-album-plus&sfp_email=&sfph_mail=
Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/3d6b95ee-0a0d-49f7-83b1-4716eec3b863?source=cve
Third Party Advisory
https://plugins.trac.wordpress.org/browser/wp-photo-album-plus/trunk/wppa-ajax.php#L1138
Product
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3078746%40wp-photo-album-plus&new=3078746%40wp-photo-album-plus&sfp_email=&sfph_mail=#file3
Patch
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3079831%40wp-photo-album-plus&new=3079831%40wp-photo-album-plus&sfp_email=&sfph_mail=
Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/3d6b95ee-0a0d-49f7-83b1-4716eec3b863?source=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wppa:wp_photo_album_plus:*:*:*:*:*:wordpress:*:*

Версия до 8.7.00.004 (исключая)

EPSS

Процентиль: 76%

0.00947

Низкий

6.5 Medium

CVSS3

7.3 High

CVSS3

Дефекты

CWE-94

EPSS

Процентиль: 76%

0.00947

Низкий

6.5 Medium

CVSS3

7.3 High

CVSS3

Дефекты

CWE-94