exploitDog

CVE-2024-51661

Опубликовано: 04 нояб. 2024

Источник: nvd

CVSS3: 9.1

CVSS3: 7.2

EPSS Низкий

Описание

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media Library Assistant allows Command Injection.This issue affects Media Library Assistant: from n/a through 3.19.

Ссылки

https://patchstack.com/database/vulnerability/media-library-assistant/wordpress-media-library-assistant-plugin-3-19-remote-code-execution-rce-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:davidlingren:media_library_assistant:*:*:*:*:*:wordpress:*:*

Версия до 3.20 (исключая)

EPSS

Процентиль: 84%

0.02059

Низкий

9.1 Critical

CVSS3

7.2 High

CVSS3

Дефекты

CWE-78

Связанные уязвимости

GHSA-fm3h-xpw5-j8xh

CVSS3: 9.1

github

больше 1 года назад

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media Library Assistant allows Command Injection.This issue affects Media Library Assistant: from n/a through 3.19.

EPSS

Процентиль: 84%

0.02059

Низкий

9.1 Critical

CVSS3

7.2 High

CVSS3

Дефекты

CWE-78