{"uuid": "6cce3056-4bed-45ca-aced-790811259298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6386", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1578", "content": "{VIP} WPML Multilingual CMS - Authenticated (Contributor+) RCE via SSTI\n\nThe WPML Multilingual CMS Plugin for WordPress used by over 1M sites is susceptible to an Authenticated (Contributor+) Rem0te C0de Execution (RCE) vulnerability through a Twig SSTI.\n\nCVSS Score: 9.9\nCVE-ID: CVE-2024-6386\nLinks: Mitre, NVD\nActive installations: 1,000,000+\n\nThis exploit installed in VIP.", "creation_timestamp": "2024-08-29T16:04:17.000000Z"}