Overview
- Description
- The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Time Clock) and 1.1.4 (for Time Clock Pro) via the 'etimeclockwp_load_function_callback' function. This allows unauthenticated attackers to execute code on the server. The invoked function's parameters cannot be specified.
- Source
- security@wordfence.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.3
- Impact score
- 3.7
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
- Severity
- HIGH
Weaknesses
- security@wordfence.com
- CWE-94
Social media
- Hype score
- Not currently trending
#CVE-2024-9593 This vulnerability is simple and crude, but the damage is definitely not high-risk. You can only control the function name, not the parameters, and the use is very limited. #ZoomEye mapping has 67 results. #BugBounty #bugbountytips #tipoftheday #CyberSecurity https
@_r00tuser
30 Oct 2024
178 Impressions
1 Retweet
2 Likes
2 Bookmarks
1 Reply
0 Quotes
[CVE-2024-9593: HIGH] ⚠️ WordPress Time Clock & Time Clock Pro plugins versions up to 1.2.2 & 1.1.4 respectively are vulnerable to Remote Code Execution, letting unauthenticated attackers run code on the server.#cybersecurity,#vulnerability https://t.co/kSTADdW0pN https:/
@CveFindCom
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-9593 The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Time Clock) and 1.1.4… https://t.co/X9pdJGXoUD
@CVEnew
491 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-9593 CVE-2024-9593 Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution Description: The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable... https://t.co/i4usSRb14n
@VulmonFeeds
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wpplugin:time_clock:*:*:*:*:pro:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "B057E167-BA8B-4556-924E-9F1641ABB35F",
"versionEndIncluding": "1.1.4"
},
{
"criteria": "cpe:2.3:a:wpplugin:time_clock:*:*:*:*:-:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "C1CE6396-E04F-47F3-B8D0-E1A0CB2DEEB8",
"versionEndIncluding": "1.2.2"
}
],
"operator": "OR"
}
]
}
]