The WordPress PDF Light Viewer Plugin WordPress plugin before 1.4.12 allows users with Author roles to execute arbitrary OS command on the server via OS Command Injection when invoking Ghostscript.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2021-10-18T13:45:58

Updated: 2024-08-03T19:42:16.127Z

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24684

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-10-18T14:15:09.643

Modified: 2024-11-21T05:53:33.570

Link: CVE-2021-24684

cve-icon Redhat

No data.