cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-10124,https://securityvulnerability.io/vulnerability/CVE-2024-10124,Arbitrary Plugin Installation Vulnerability in Vayu Blocks for WordPress and WooCommerce,"CVE-2024-10124 refers to a severe vulnerability within the Vayu Blocks plugin for WordPress and WooCommerce. This weakness stems from a missing capability check in the tp_install() function, found in all versions up to 1.1.1. The flaw allows unauthenticated attackers to install and activate arbitrary plugins on affected sites. If exploited, this can lead to remote code execution, particularly if other vulnerable plugins coexist on the site. While Vayu has partially mitigated this issue in version 1.1.1, it remains critical for users to update to the latest version and review their plugin installations to ensure security.",Wordpress,Vayu Blocks – Gutenberg Blocks For WordPress & WooCommerce,9.8,CRITICAL,0.0009899999713525176,false,,false,false,true,2024-12-13T00:13:30.000Z,true,false,false,,2024-12-12T05:24:21.899Z,0