Go back

SPIP porte_plume plugin Arbitrary PHP Execution

severity
critical
date
Affecting
  • Before 4.3.0-alpha2

  • Before 4.2.13

  • Before 4.1.16

CVE
CVE-2024-7954
CVE type
Improper Access Control
CVSS
9.8
CVSS V3 Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Credit
Louka Jacques-Chevallier