WordPress Plugin Security Update Advisory (CVE-2024-10957)

Jan 07 2025

Overview

We have released a security update to address a vulnerability in UpdraftPlus for WordPress. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2024-10957

UpdraftPlus versions: 1.23.8 (inclusive) ~ 1.24.11 (inclusive)

Resolved Vulnerabilities

PHP Object injection vulnerability in the UpdraftPlus plugin (CVE-2024-10957)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-10957

UpdraftPlus Version: 1.24.12

References

[1] Nuclei Template Signature Verification Bypass
https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-7h5p-mmpp-hgmm

WordPress Plugin Security Update Advisory (CVE-2024-10957)

Nuclei Security Update Advisory (CVE-2024-43405)

Tiki Wiki CMS Security Update Advisory (CVE-2024-47919)

Tags:

Nuclei Security Update Advisory (CVE-2024-43405)

Tiki Wiki CMS Security Update Advisory (CVE-2024-47919)