CVE-2024-3806 | Porto Plugin up to 7.1.0 on WordPress porto_ajax_posts file inclusion

Posted by Angelo Barbosa | May 8, 2024 | CVE

A vulnerability was found in Porto Plugin up to 7.1.0 on WordPress. It has been classified as critical. Affected is the function porto_ajax_posts. The manipulation leads to file inclusion.

This vulnerability is traded as CVE-2024-3806. The attack can only be done within the local network. There is no exploit available.

CVE-2024-3806 | Porto Plugin up to 7.1.0 on WordPress porto_ajax_posts file inclusion

Related Posts

CVE-2024-2637 | B&R Industrial Automation VC4 Files uncontrolled search path

CVE-2024-30300 | Adobe Framemaker Publishing Server up to 2020.3/2022.2 information disclosure (apsb24-38)

CVE-2024-42033 | Huawei HarmonyOS/EMUI Security Verification Module logic error

CVE-2024-37129 | Dell Inventory Collector prior 12.3.0.6 path traversal (dsa-2024-263)