A vulnerability was found in Porto Plugin up to 7.1.0 on WordPress. It has been classified as critical. Affected is the function
porto_ajax_posts
. The manipulation leads to file inclusion.
This vulnerability is traded as CVE-2024-3806. The attack can only be done within the local network. There is no exploit available.