CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9061 – WP Popup Builder – Popup Forms and Marketing Lead Generation <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via wp_ajax_nopriv_shortcode_Api_Add
https://notcve.org/view.php?id=CVE-2024-9061
The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wp_ajax_nopriv_shortcode_Api_Add AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. NOTE: This vulnerability was partially fixed in version 1.3.5 with a nonce check, which effectively prevented access to the affected function. However, version 1.3.6 incorporates the correct authorization check to prevent unauthorized access. • https://github.com/RandomRobbieBF/CVE-2024-9061 https://plugins.trac.wordpress.org/changeset/3166506/wp-popup-builder https://www.wordfence.com/threat-intel/vulnerabilities/id/0cac1dc0-87dc-43eb-9db1-638a91200b43?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9837 – AADMY – Add Auto Date Month Year Into Posts <= 2.0.1 - Unauthenticated Arbitrary Shortcode Execution
https://notcve.org/view.php?id=CVE-2024-9837
The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. El complemento AADMY – Add Auto Date Month Year Into Posts para WordPress es vulnerable a la ejecución de códigos cortos arbitrarios en todas las versiones hasta la 2.0.1 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acción que no valida correctamente un valor antes de ejecutar do_shortcode. • https://plugins.trac.wordpress.org/browser/auto-date-year-month/trunk/auto-date-year-month.php#L218 https://plugins.trac.wordpress.org/changeset/3167908 https://wordpress.org/plugins/auto-date-year-month/#developers https://www.wordfence.com/threat-intel/vulnerabilities/id/fb165cba-34a9-42d9-bfd5-31a290d02311?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47826 – eLabFTW vulnerable to HTML Injection in extended search error message
https://notcve.org/view.php?id=CVE-2024-47826
eLabFTW is an open source electronic lab notebook for research labs. A vulnerability in versions prior to 5.1.5 allows an attacker to inject arbitrary HTML tags in the pages: "experiments.php" (show mode), "database.php" (show mode) or "search.php". It works by providing HTML code in the extended search string, which will then be displayed back to the user in the error message. This means that injected HTML will appear in a red "alert/danger" box, and be part of an error message. Due to some other security measures, it is not possible to execute arbitrary javascript from this attack. • https://github.com/elabftw/elabftw/security/advisories/GHSA-cjww-pr9f-4c4w https://www.acunetix.com/vulnerabilities/web/html-injection • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-48168
https://notcve.org/view.php?id=CVE-2024-48168
A stack overflow vulnerability exists in the sub_402280 function of the HNAP service of D-Link DCS-960L 1.09, allowing an attacker to execute arbitrary code. • https://github.com/fu37kola/cve/blob/main/D-Link/DCS-960L/D-Link%20DCS-960L%201.09%20Stack%20overflow_1.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-41997
https://notcve.org/view.php?id=CVE-2024-41997
An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A command injection vulnerability exists in the Docker integration functionality. An attacker can create a specially crafted hyperlink using the `warp://action/docker/open_subshell` intent that when clicked by the victim results in command execution on the victim's machine. • https://docs.warp.dev/features/integrations-and-plugins#docker https://docs.warp.dev/getting-started/changelog#id-2024.07.18-v0.2024.07.16.08.02 https://gist.github.com/bhyh/d1ee7a825fce283bf8acbdb42c8a7832 https://github.com/warpdotdev/warp • CWE-94: Improper Control of Generation of Code ('Code Injection') •