CVE-2024-10938 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The OVRI Payment plugin for WordPress contains malicious .htaccess files in version 1.7.0. The files contain directives to prevent the execution of certain scri…
Medium CVSS: 6.5

CVE-2024-10938

The OVRI Payment plugin for WordPress contains malicious .htaccess files in version 1.7.0. The files contain directives to prevent the execution of certain scripts while allowing execution of known malicious PHP files. If moved outside of the plugin's directory, they may interfere with the proper function of a site.
Vendor
-
Product
-
CWE
CWE-506
Yayın Tarihi
2026-02-27 10:16:18
Güncelleme
2026-02-27 14:06:37
Source Identifier
security@wordfence.com
KEV Date Added
-

Kategoriler

CWE-506 MEDIUM 2026

Referanslar

https://plugins.trac.wordpress.org/browser/moneytigo/tags/1.7.0/.htaccess https://plugins.trac.wordpress.org/browser/moneytigo/tags/1.7.0/assets/.htaccess https://www.wordfence.com/threat-intel/vulnerabilities/id/2b45674c-8446-44eb-a45a-15dab02c89cf?source=cve