WordPress Widget & Block Control Plugin Security Update Advisory (CVE-2024-8672)

Dec 03 2024

Overview

An update has been released to address vulnerabilities in WordPress Widget & Block Control Plugin. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-8672

Widget Options versions: ~ 4.0.7 (inclusive)

Resolved Vulnerabilities

Vulnerability that allows remote code execution via the eval() function by an authenticated user (CVE-2024-8672)

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-8672

Widget Options version: 4.0.8

Referenced Sites

[1] CVE-2024-8672 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-8672

[2] Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 – Authenticated (Contributor+) Remote Code Execution

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/widget-options/widget-options-the-1-wordpress-widget-block-control-plugin-407-authenticated-contributor-remote-code-execution

WordPress Widget & Block Control Plugin Security Update Advisory (CVE-2024-8672)

Google Android Product Line December 2024 Routine Security Update Advisory

Pandora FMS Security Update Advisory (CVE-2024-11320)

Tags:

Google Android Product Line December 2024 Routine Security Update Advisory

Pandora FMS Security Update Advisory (CVE-2024-11320)