CVE-2024-13471 | designthemes DesignThemes Core Features Plugin up to 4.7 on WordPress dt_process_imported_file path traversal

Posted by Angelo Barbosa | Mar 5, 2025 | CVE

A vulnerability classified as critical was found in designthemes DesignThemes Core Features Plugin up to 4.7 on WordPress. Affected by this vulnerability is the function dt_process_imported_file. The manipulation leads to path traversal.

This vulnerability is known as CVE-2024-13471. The attack can be launched remotely. There is no exploit available.

CVE-2024-13471 | designthemes DesignThemes Core Features Plugin up to 4.7 on WordPress dt_process_imported_file path traversal

Related Posts

CVE-2024-41677 | QwikDev qwik up to 1.5.x cross site scripting (GHSA-2rwj-7xq8-4gx4)

CVE-2024-10345 | Helix Core up to 2024.1 shutdown resource consumption

CVE-2024-30310 | Adobe Acrobat Reader up to 20.005.30574/24.002.20736 out-of-bounds write (apsb24-29)

CVE-2024-21832 | Ping Identity PingFederate up to 11.0.9/11.1.9/11.2.8/11.3.4/12.0.0 REST API code injection