Security Advisory

CVE-2021-24537

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-11-08 17:34:43

Last updated 2024-08-03 19:35:20

Assigner WPScan

State PUBLISHED

Description

The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment (ie with DISALLOW_FILE_EDIT, DISALLOW_FILE_MODS and DISALLOW_UNFILTERED_HTML set to true) via the widget_rrm_similar_posts_condition widget setting of the plugin.

← Browse all CVEs View on cve.org ↗