cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-3105,https://securityvulnerability.io/vulnerability/CVE-2024-3105,"Remote Code Execution Vulnerability in Woody code snippets Insert Header Footer Code, AdSense Ads Plugin","The Insert Header Footer Code, AdSense Ads plugin for WordPress, developed by Woody, is susceptible to a Remote Code Execution vulnerability. This flaw affects all versions up to and including 2.5.0, primarily due to inadequate restrictions on the 'insert_php' shortcode functionality. As a result, authenticated attackers with contributor-level access or higher can potentially execute arbitrary code on the server, posing a significant security threat to WordPress installations utilizing this plugin.",Wordpress,"Woody Code Snippets – Insert Header Footer Code, Adsense Ads",9.9,CRITICAL,0.00044999999227002263,false,,false,false,true,true,false,false,2024-06-15T08:42:14.653Z,0
CVE-2020-36759,https://securityvulnerability.io/vulnerability/CVE-2020-36759,Cross-Site Request Forgery Vulnerability in Woody Code Snippets Plugin for WordPress,"The Woody Code Snippets plugin for WordPress is vulnerable to Cross-Site Request Forgery, allowing unauthenticated attackers to manipulate code snippets remotely. This vulnerability arises from inadequate nonce validation in the runActions() function. By tricking a site administrator into performing an unintended action, attackers can activate or deactivate snippets, potentially compromising site integrity and security.",Wordpress,"Woody Code Snippets – Insert Header Footer Code, Adsense Ads",4.3,MEDIUM,0.0014700000174343586,false,,false,false,false,,false,false,2023-10-20T07:29:36.978Z,0