cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-6297,https://securityvulnerability.io/vulnerability/CVE-2024-6297,Malicious PHP Scripts Injected into Compromised WordPress Plugins,"A significant vulnerability has emerged involving several WordPress plugins that have been compromised through malicious code injection. This vulnerability has permitted threat actors to alter the source code of multiple plugins, embedding harmful PHP scripts designed to exfiltrate sensitive database credentials. Furthermore, the compromised plugins are enabling the creation of unauthorized administrator users, thereby escalating the potential for data breaches and further exploitation. Currently, many affected plugins have not been remediated, and it is strongly advised to uninstall these plugins and conduct thorough malware scans to ensure the integrity of websites.",Wordpress,"Social Sharing Plugin – Social Warfare,Contact Form 7 Multi-step Addon,Simply Show Hooks,Wrapper Link Elementor,Blaze Retail Widget",10,CRITICAL,0.0004400000034365803,false,,false,false,false,,false,false,2024-06-25T03:30:37.970Z,0