CVE-2024-11429 | galdub Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews Plugin Shortcode stars-testimonials-with-slider-and-masonry-grid filename control

A vulnerability was found in galdub Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews Plugin up to 3.3.3 on WordPress. It has been declared as problematic. This vulnerability affects the function stars-testimonials-with-slider-and-masonry-grid of the component Shortcode Handler. The manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability was named CVE-2024-11429. An attack has to be approached locally. There is no exploit available.

CVE-2024-11429 | galdub Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews Plugin Shortcode stars-testimonials-with-slider-and-masonry-grid filename control

Related Posts

CVE-2024-26810 | Linux Kernel up to 6.1.83/6.6.23/6.7.11/6.8.2 is_intx Privilege Escalation

CVE-2023-7130 | code-projects College Notes Gallery 2.0 login.php user sql injection

CVE-2024-6940 | DedeCMS 5.7.114 article_template_rand.php code injection

CVE-2024-25087 | Mitsubishi Electric CPU Module Logging Configuration Tool resource consumption (icsa-24-135-04)