CVE-2024-5630 Vulnerability Details

  /     /     /  

CVE-2024-5630 Metadata Quick Info

CVE Published: 15/07/2024 | CVE Updated: 01/08/2024 | CVE Year: 2024
Source: WPScan | Vendor: Unknown | Product: Insert or Embed Articulate Content into WordPress
Status : PUBLISHED

CVE-2024-5630 Description

The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: CWE-78 OS Command Injection
Source: Unknown

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description: