Description
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
Remediation
References
Related Vulnerabilities
WordPress Plugin Updater by BestWebSoft Cross-Site Scripting (1.34)
Oracle HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2022-25235)
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.1)
WordPress Plugin DSGVO All in one for WP Cross-Site Scripting (3.9)
Oracle Database Server CVE-2008-2591 Vulnerability (CVE-2008-2591)