RCE in Is-human Wordpress Plugin

CVE-2011-10033

The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval…

EPSS: 0.004 (34.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References