CVE-2024-4670 | All-in-One Video Gallery Plugin up to 3.6.5 on WordPress Shortcode aiovg_search_form file inclusion

Inserito da Angelo Barbosa | Mag 15, 2024 | CVE

A vulnerability was found in All-in-One Video Gallery Plugin up to 3.6.5 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function aiovg_search_form of the component Shortcode Handler. The manipulation leads to file inclusion.

This vulnerability is known as CVE-2024-4670. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-4670 | All-in-One Video Gallery Plugin up to 3.6.5 on WordPress Shortcode aiovg_search_form file inclusion

Post correlati

CVE-2015-10127 | PlusCaptcha Plugin up to 2.0.6 on WordPress cross site scripting

CVE-2024-35085 | J2EEFAST 2.7.0 ProcessDefinitionMapper.xml findPage sql injection

CVE-2024-25714 | Rhonabwy up to 1.1.13 HMAC strcmp signature verification

CVE-2021-47059 | Linux Kernel up to 5.10.36/5.11.20/5.12/5.12.3 sun8i-ss memory leak