CVE-2024-3673 | Web Directory Free Plugin up to 1.7.2 on WordPress include path traversal

Posted by Angelo Barbosa | Aug 30, 2024 | CVE

A vulnerability was found in Web Directory Free Plugin up to 1.7.2 on WordPress. It has been classified as critical. Affected is the function include. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2024-3673. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3673 | Web Directory Free Plugin up to 1.7.2 on WordPress include path traversal

Related Posts

CVE-2024-0246 | IceWarp 12.0.2.1/12.0.3.1 Utility Download /install/ lang cross site scripting

CVE-2024-41613 | Symphony CMS 2.7.10 Note cross site scripting

CVE-2022-45850 | Nickys Image Map Pro Plugin up to 5.6.8 on WordPress cross-site request forgery

CVE-2024-29783 | Google Android tmu_get_tr_thresholds out-of-bounds