CVE-2024-56278

CRITICAL

CVSS v3

9.1

CRITICAL

EPSS Score

42.6%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

Improper Control of Generation of Code ('Code Injection') vulnerability in Smackcoders WP Ultimate Exporter allows PHP Remote File Inclusion.This issue affects WP Ultimate Exporter: from n/a through 2.9.1.

Technical Details

Published
1/7/2025

Frequently Asked Questions

What is CVE-2024-56278?

Improper Control of Generation of Code ('Code Injection') vulnerability in Smackcoders WP Ultimate Exporter allows PHP Remote File Inclusion.This issue affects WP Ultimate Exporter: from n/a through 2.9.1.

Is CVE-2024-56278 actively exploited?

Active exploitation of CVE-2024-56278 has not been confirmed. The EPSS score is 42.6%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2024-56278?

CVE-2024-56278 has a CVSS v3 base score of 9.1 (CRITICAL severity).

Is CVE-2024-56278 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.