Security Advisory

CVE-2024-58305

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-12 19:56:58

Last updated 2026-04-07 14:08:48

Assigner VulnCheck

State PUBLISHED

Description

WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an authenticated administrator into accessing a malicious link.

← Browse all CVEs View on cve.org ↗