CVE-2024-3673 | Web Directory Free Plugin up to 1.7.2 on WordPress include path traversal

Posted by Angelo Barbosa | Aug 30, 2024 | CVE

A vulnerability was found in Web Directory Free Plugin up to 1.7.2 on WordPress. It has been classified as critical. Affected is the function include. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2024-3673. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3673 | Web Directory Free Plugin up to 1.7.2 on WordPress include path traversal

Related Posts

CVE-2024-31410 | CyberPower PowerPanel up to 4.9.0 hard-coded key (icsa-24-123-01)

CVE-2024-47355 | CozyThemes Cozy Blocks Plugin up to 2.0.11 on WordPress cross site scripting

CVE-2024-7913 | itsourcecode Billing System 1.0 /addclient1.php lname/fname/mi/address/contact/meterReader sql injection

CVE-2024-10810 | code-projects E-Health Care System 1.0 Doctor/app_request.php app_id sql injection