CVE-2024-4037 – WP Photo Album Plus <= 8.7.02.003 - Unauthenticated Arbitrary Shortcode Execution
https://notcve.org/view.php?id=CVE-2024-4037
The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.7.02.003. This is due to the plugin allowing unauthenticated users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. El complemento WP Photo Album Plus para WordPress es vulnerable a la ejecución arbitraria de códigos cortos en todas las versiones hasta la 8.7.02.003 incluida. Esto se debe a que el complemento permite a usuarios no autenticados ejecutar una acción que no valida correctamente un valor antes de ejecutar do_shortcode. • https://plugins.trac.wordpress.org/browser/wp-photo-album-plus/trunk/wppa-ajax.php#L1138 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3078746%40wp-photo-album-plus&new=3078746%40wp-photo-album-plus&sfp_email=&sfph_mail=#file3 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3079831%40wp-photo-album-plus&new=3079831%40wp-photo-album-plus&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/3d6b95ee • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-0867 – Email Log <= 2.4.8 - Unauthenticated Hook Injection
https://notcve.org/view.php?id=CVE-2024-0867
The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the check_nonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the attacker wishes to execute needs to have a nonce check, and the nonce needs to be known to the attacker. Furthermore, the absence of a capability check is a requirement. El complemento Email Log para WordPress es vulnerable a la inyección de gancho no autenticado en todas las versiones hasta la 2.4.8 incluida a través de la función check_nonce. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3027872%40email-log&new=3027872%40email-log&sfp_email=&sfph_mail= https://wordpress.org/plugins/email-log https://www.wordfence.com/threat-intel/vulnerabilities/id/fd15268f-7e06-4e0d-baaf-f27348af61ce?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-35186 – gix traversal outside working tree enables arbitrary code execution
https://notcve.org/view.php?id=CVE-2024-35186
gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-state` does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads to a major loss of confidentiality, integrity, and availability, but creating files outside a working tree without attempting to execute code can directly impact integrity as well. This vulnerability has been patched in version(s) 0.36.0. gitoxide es una implementación Rust pura de Git. • https://github.com/Byron/gitoxide/security/advisories/GHSA-7w47-3wg8-547c • CWE-23: Relative Path Traversal •
CVE-2024-33228
https://notcve.org/view.php?id=CVE-2024-33228
An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. Un problema en el componente segwindrvx64.sys de Insyde Software Corp SEG Windows Driver v100.00.07.02 permite a los atacantes escalar privilegios y ejecutar código arbitrario mediante el envío de solicitudes IOCTL manipuladas. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33228 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-33225
https://notcve.org/view.php?id=CVE-2024-33225
An issue in the component RTKVHD64.sys of Realtek Semiconductor Corp Realtek(r) High Definition Audio Function Driver v6.0.9549.1 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. Un problema en el componente RTKVHD64.sys de Realtek Semiconductor Corp Realtek(r) High Definition Audio Function Driver v6.0.9549.1 permite a los atacantes escalar privilegios y ejecutar código arbitrario mediante el envío de solicitudes IOCTL manipuladas. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33225 • CWE-94: Improper Control of Generation of Code ('Code Injection') •