Eval Injection Vulnerability in Sniplets Plugin for WordPress
CVE-2008-1060

Currently unrated

Key Information:

Vendor

Wordpress
Status
Sniplets Plugin
Vendor
CVE Published:
28 February 2008

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸฃ EPSS 23%

What is CVE-2008-1060?

The Sniplets plugin for WordPress versions 1.1.2 and 1.2.2 suffers from an eval injection vulnerability that allows remote attackers to execute arbitrary PHP code. By manipulating the 'text' parameter in modules/execute.php, an attacker can gain unauthorized access and execute malicious scripts, which poses significant security risks to the website. It is crucial for users of this plugin to apply necessary security measures or updates to mitigate potential exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/29099
third-party-advisoryx_refsource_SECUNIA
https://www.exploit-db.com/exploits/5194
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/archive/1/488734/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.