ГлавнаяУязвимости → CVE-2024-6330
9.8критическая

CVE-2024-6330

Описание

The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.

Затрагиваемое ПО
Geomywp Geo my wordpress
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://wpscan.com/vulnerability/95b532e0-1ffb-421e-b9c0-de03f89491d7/