A vulnerability was found in ThemeNectar Salient Core Plugin up to 2.0.7 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function
nectar_icon
of the component Shortcode Handler. The manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).
This vulnerability is known as CVE-2024-3812. The attack can be launched remotely. There is no exploit available.