Untriaged
Permalink
CVE-2024-35767
9.1 CRITICAL
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): HIGH
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
WordPress Squeeze plugin <= 1.4 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows Code Injection.This issue affects Squeeze: from n/a through 1.4.
References
- https://patchstack.com/database/vulnerability/squeeze/wordpress-squeeze-plugin-… vdb-entry
- https://patchstack.com/database/vulnerability/squeeze/wordpress-squeeze-plugin-… vdb-entry
- https://patchstack.com/database/vulnerability/squeeze/wordpress-squeeze-plugin-… vdb-entry
- https://patchstack.com/database/vulnerability/squeeze/wordpress-squeeze-plugin-… vdb-entry x_transferred
Affected products
squeeze
- =<1.4
Matching in nixpkgs
pkgs.squeezelite
Lightweight headless squeezebox client emulator
-
nixos-unstable -
- nixpkgs-unstable 2.0.0.1541
pkgs.squeezelite-pulse
Lightweight headless squeezebox client emulator
-
nixos-unstable -
- nixpkgs-unstable 2.0.0.1541
pkgs.postgresqlPackages.pg_squeeze
PostgreSQL extension for automatic bloat cleanup
-
nixos-unstable -
- nixpkgs-unstable 1.9.0
pkgs.python312Packages.pysqueezebox
Asynchronous library to control Logitech Media Server
-
nixos-unstable -
- nixpkgs-unstable 0.12.1
pkgs.python313Packages.pysqueezebox
Asynchronous library to control Logitech Media Server
-
nixos-unstable -
- nixpkgs-unstable 0.12.1
pkgs.postgresql13Packages.pg_squeeze
PostgreSQL extension for automatic bloat cleanup
-
nixos-unstable -
- nixpkgs-unstable 1.9.0
pkgs.postgresql14Packages.pg_squeeze
PostgreSQL extension for automatic bloat cleanup
-
nixos-unstable -
- nixpkgs-unstable 1.9.0
pkgs.postgresql15Packages.pg_squeeze
PostgreSQL extension for automatic bloat cleanup
-
nixos-unstable -
- nixpkgs-unstable 1.9.0
pkgs.postgresql16Packages.pg_squeeze
PostgreSQL extension for automatic bloat cleanup
-
nixos-unstable -
- nixpkgs-unstable 1.9.0
pkgs.postgresql18Packages.pg_squeeze
PostgreSQL extension for automatic bloat cleanup
-
nixos-unstable -
- nixpkgs-unstable 1.9.0
pkgs.home-assistant-component-tests.squeezebox
Open source home automation that puts local control and privacy first
-
nixos-unstable -
- nixpkgs-unstable 2025.9.3
Package maintainers
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
-
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
-
@nyanloutre Paul Trehiou <paul@nyanlout.re>
-
@adamcstephens Adam C. Stephens <happy.plan4249@valkor.net>