CVE-2024-22636

Name of the Vulnerable Software and Affected Versions PluXml Blog version 5.8.9

Description The issue is related to a remote code execution (RCE) vulnerability in the Static Pages feature of PluXml Blog. This vulnerability can be exploited by injecting a crafted payload into the Content field.

Recommendations For PluXml Blog version 5.8.9, as a temporary workaround, consider disabling the Static Pages feature until a patch is available. Restrict access to the Content field in the Static Pages feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.