Exploit for CVE-2024-6386

  1. Home
  2. Uncategorized
  3. Exploit for CVE-2024-6386

Exploit for CVE-2024-6386

The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via Twig Server-Side Template Injection. This is due to missing input validation and sanitization on the render function. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server.

Published: 2024-08-21

CVSS: 9.9

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Download Exploit for CVE-2024-6386 here:

Use Tor Browser to access .onion links.

Check our team here:

https://wednesfieldacademy.com/exploit-953-cve-2024-47606/

https://wednesfieldacademy.com/exploit-942-cve-2010-1871/

https://wednesfieldacademy.com/exploit-573-cve-2018-2380/

https://wednesfieldacademy.com/exploit-999-cve-2024-20359/

https://wednesfieldacademy.com/exploit-562-cve-2025-9478/

Latest News

Follow us on Social Media

Popular Pages

Contact Info

Wednesfield Academy
Lichfield Road
Wednesfield, Wolverhampton
West Midlands
WV11 3ES

T: 01902 558 222

postbox@wednesfieldacademy.co.uk

Monday - Thursday: 8:00 am - 4:00 pm
Friday: 8:00 am - 3:30 pm

Copyright 2026 © All Rights Reserved

 Privacy Notice

CEOP-1

Loading