Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson Easy

链接： https://github.com/advisories/GHSA-q246-98gq-xrh4

CVSS 评分： 10.0

参考链接：

https://nvd.nist.gov/vuln/detail/CVE-2025-49302
https://patchstack.com/database/wordpress/plugin/easy-stripe/vulnerability/wordpress-easy-stripe-1-1-remote-code-execution-rce-vulnerability?_s_id=cve
https://github.com/advisories/GHSA-q246-98gq-xrh4

描述：

Improper Control of Generation of Code (‘Code Injection’) vulnerability in Scott Paterson Easy Stripe allows Remote Code Inclusion. This issue affects Easy Stripe: from n/a through 1.1.

安全公告

#Github Advisory

Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson Easy

http://example.com/2025/07/04/github_3351981931/

作者

lianccc

发布于

2025年7月4日

许可协议

Deserialization of Untrusted Data vulnerability in BestWpDeveloper WooCommerce Product Multi 上一篇

Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege 下一篇