Nixpkgs Security Tracker

Untriaged

Permalink CVE-2024-52416

10.0 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months, 1 week ago

WordPress Debug Tool plugin <= 2.2 - Remote Code Execution vulnerability

Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Upload a Web Shell to a Web Server.This issue affects Debug Tool: from n/a through 2.2.

References

https://patchstack.com/database/vulnerability/debug-tool/wordpress-debug-tool-p… vdb-entry
https://patchstack.com/database/vulnerability/debug-tool/wordpress-debug-tool-p… vdb-entry

Affected products

debug-tool

=<2.2

debug_tool

<2.2

Matching in nixpkgs

Package maintainers

@yuuyins Yuu Yin <yuunix@grrlz.net>
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.python312Packages.django-debug-toolbar

pkgs.python313Packages.django-debug-toolbar

pkgs.python312Packages.django-graphiql-debug-toolbar

pkgs.python313Packages.django-graphiql-debug-toolbar

Package maintainers