CVE-2024-52428 | Ads Pro Scripteo Ads Booster Plugin up to 1.12 on WordPress filename control

Inserito da Angelo Barbosa | Nov 18, 2024 | CVE

A vulnerability was found in Ads Pro Scripteo Ads Booster Plugin up to 1.12 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is traded as CVE-2024-52428. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-52428 | Ads Pro Scripteo Ads Booster Plugin up to 1.12 on WordPress filename control

Post correlati

CVE-2024-31455 | Stacklok Minder 0.0.39 sql injection

CVE-2023-7158 | MicroPython up to 1.21.0 objslice.c slice_indices heap-based overflow (Issue 13007)

CVE-2024-4756 | WP Backpack Plugin up to 2.1 on WordPress cross site scripting

CVE-2022-48640 | Linux Kernel up to 5.15.70/5.19.11/6.0 Virtual Address bond_rr_gen_slave_id null pointer dereference (ec3a6f4ffe55/2c8e8ab53acf/0e400d602f46)