Skip to main content
CVE-2024-12583 CRITICAL This Week

The Dynamics 365 Integration plugin for WordPress is vulnerable to Remote Code Execution and Arbitrary File Read in all versions up to, and including, 1.3.23 via Twig Server-Side Template Injection. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Ssti WordPress
NVD
CVSS 3.1
9.9
EPSS
9.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy