CVE-2024-11977 – WordPress kk Star Ratings – Rate Post & Collect User Feedbacks Arbitrary Shortcode Execution Vulnerability

12月 21, 2024
7:16 am

CVE ID : CVE-2024-11977

Published : Dec. 21, 2024, 6:15 a.m. | 1 hour ago

Description : The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.4.10. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-11977 – WordPress kk Star Ratings – Rate Post & Collect User Feedbacks Arbitrary Shortcode Execution Vulnerability

Elvescore.io

Recent Posts

CVE-2024-11196 – WordPress Multi-column Tag Map Stored Cross-Site Scripting Vulnerability

CVE-2024-11287 – Ebook Store WordPress Reflected Cross-Site Scripting

CVE-2024-11682 – WordPress G Web Pro Store Locator Reflected Cross-Site Scripting

CVE-2024-11938 – “WooCommerce Sales Funnel Cross-Site Scripting Vulnerability”

CVE-2024-11975 – Reactflow WordPress CSRF

CVE-2024-12066 – WordPress SMSA Shipping Plugin Remote File Deletion Vulnerability

CVE-2024-11977 – WordPress kk Star Ratings – Rate Post & Collect User Feedbacks Arbitrary Shortcode Execution Vulnerability

CVE-2024-11977 – WordPress kk Star Ratings – Rate Post & Collect User Feedbacks Arbitrary Shortcode Execution Vulnerability