CVE-2024-6486 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The ImageMagick Engine ImageMagick Engine WordPress plugin before 1.7.11 for WordPress is vulnerable to OS Command Injection via the "cli_path" parameter. This…
High CVSS: 7.2

CVE-2024-6486

The ImageMagick Engine ImageMagick Engine WordPress plugin before 1.7.11 for WordPress is vulnerable to OS Command Injection via the "cli_path" parameter. This allows authenticated attackers, with administrator-level permission to execute arbitrary OS commands on the server leading to remote code execution.
Vendor
Orangelab
Product
Imagemagick Engine
CWE
CWE-78
Yayın Tarihi
2025-05-15 20:15:55
Güncelleme
2025-06-11 15:40:01
Source Identifier
contact@wpscan.com
KEV Date Added
-

Kategoriler

CWE-78 Imagemagick Engine HIGH Orangelab 2025

Referanslar

https://wpscan.com/vulnerability/a57c0c59-8b5c-4221-a9db-19f141650d9b/ https://wpscan.com/vulnerability/a57c0c59-8b5c-4221-a9db-19f141650d9b/