logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2023-6634

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2023-6634

Description:
The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and including, 4.2.5.7 via the get_content function. This is due to the plugin making use of the call_user_func function with user input. This makes it possible for unauthenticated attackers to execute any public function with one parameter, which could result in remote code execution.
Last updated date:
01/17/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
04/05/2024
Reference url to background

https://github.com/krn966/CVE-2023-6634

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy