CVE-2024-3105 – The Woody code snippets – Insert Header Footer Cod

CVE ID : CVE-2024-3105

Published : June 15, 2024, 9:15 a.m. | 15 hours, 3 minutes ago

Description : The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the ‘insert_php’ shortcode. This is due to the plugin not restricting the usage of the functionality to high level authorized users. This makes it possible for authenticated attackers, with contributor-level access and above, to execute code on the server.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…CVE ID : CVE-2024-3105

Published : June 15, 2024, 9:15 a.m. | 15 hours, 3 minutes ago

Description : The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the ‘insert_php’ shortcode. This is due to the plugin not restricting the usage of the functionality to high level authorized users. This makes it possible for authenticated attackers, with contributor-level access and above, to execute code on the server.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…