cve/CVE-2024-11972.md at edc21dfd23c1fd07dfa20d053e3b92d875e0ab18

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary Hunk Companion WordPress plugin before 1.9.0 from the WordPress.org repo, including vulnerable Hunk Companion WordPress plugin before 1.9.0 that have been closed.

POC

Reference

https://wpscan.com/vulnerability/4963560b-e4ae-451d-8f94-482779c415e4/

Github

https://github.com/20142995/nuclei-templates
https://github.com/ARPSyndicate/cve-scores
https://github.com/JunTakemura/exploit-CVE-2024-11972
https://github.com/Nxploited/CVE-2024-11972-PoC
https://github.com/RonF98/CVE-2024-11972-POC
https://github.com/cyb3r-w0lf/nuclei-template-collection
https://github.com/nomi-sec/PoC-in-GitHub

1.2 KiB Raw Blame History

CVE-2024-11972

Description

POC

Reference

Github

1.2 KiB

Raw Blame History