Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses

Filter by:

With package: git-sync

Found 1 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2024-54368

9.6 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

WordPress GitSync plugin <= 1.1.0 - CSRF to Remote Code Execution vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garza, Jr. GitSync allows Code Injection.This issue affects GitSync: from n/a through 1.1.0.

References

https://patchstack.com/database/wordpress/plugin/git-sync/vulnerability/wordpre… vdb-entry

Affected products

git-sync

=<1.1.0

Matching in nixpkgs

pkgs.git-sync

Script to automatically synchronize a git repository

nixos-unstable -
- nixpkgs-unstable 0-unstable-2025-06-26

Package maintainers

@colonelpanic8 Ivan Malison <IvanMalison@gmail.com>

1