CVE-2024-52441

9.8

Critical

Published:20 Nov 2024

Last updated:17 Jun 2026

Source:audit@patchstack.com

Deferred

Weakness (CWE)

CWE-1321Prototype Pollution

CVSS Vector

v3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

View on MITRE Find PoC on GitHub

Description

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Rajesh Thanoch Quick Learn quick-learn allows Object Injection.This issue affects Quick Learn: from n/a through <= 1.0.1.

References

audit@patchstack.com

https://patchstack.com/database/Wordpress/Plugin/quick-learn/vulnerability/wordpress-quick-learn-plugin-1-0-1-php-object-injection-vulnerability?_s_id=cve