CVE-2024-51815
CVSS 3.1 Score 9 of 10 (high)
Details
Summary
CVE-2024-51815 is a Code Injection vulnerability affecting s2Member Pro, a popular WordPress membership plugin. The flaw allows an attacker to generate malicious code, potentially leading to unauthorized access or data breaches. This issue exists in all versions of s2Member Pro from n/a through 241114, making it a significant threat for a wide range of users. The vulnerability is caused by improper control of code generation within the plugin. Successful exploitation of this issue could result in arbitrary code execution and subsequent compromise of affected websites.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.