18 May

Vulnerability Details: Remote Code Execution (RCE) Vulnerability in BibleGet I/O

Our Vulnerability Details posts provides the details of a vulnerability we didn't discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in the details posts as well.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can sign up here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

One thought on “Vulnerability Details: Remote Code Execution (RCE) Vulnerability in BibleGet I/O

  1. the current code doesn’t have any restriction on who can access the functionality.

    That means it is still open to the “other XSS”: Cross-Site Styling. That’s not as serious as Cross-Site Scripting, since it is less well known, but it still can be exploited.

Leave a Reply

Your email address will not be published. Required fields are marked *