vulnerability

WordPress Plugin: plainview-activity-monitor: CVE-2018-15877: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Try Surface Command
Back to search
Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
Aug 26, 2018
Added
May 15, 2025
Modified
May 15, 2025

Description

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?pageequal toplainview_activity_monitorandtabequal toactivity_tools request.

Solution

plainview-activity-monitor-plugin-cve-2018-15877

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today