CVE-2024-3673 | Web Directory Free Plugin up to 1.7.2 on WordPress include path traversal

Posted by Angelo Barbosa | Aug 30, 2024 | CVE

A vulnerability was found in Web Directory Free Plugin up to 1.7.2 on WordPress. It has been classified as critical. Affected is the function include. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2024-3673. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3673 | Web Directory Free Plugin up to 1.7.2 on WordPress include path traversal

Related Posts

CVE-2024-8042 | Rapid7 Insight Platform up to 20240813 name/description authorization

CVE-2024-9381 | Ivanti Cloud Services Appliance up to 5.0.1 Restrictions path traversal

CVE-2024-22103 | Mitsubishi Electric CPU Module Logging Configuration Tool out-of-bounds write (icsa-24-135-04)

CVE-2024-8461 | D-Link DNS-320 2.02b01 Web Management Interface /cgi-bin/discovery.cgi information disclosure (SAP10383)