CVE-2024-5574 | codevibrant WP Magazine Modules Lite Plugin up to 1.1.2 on WordPress blockLayout filename control

Posted by Angelo Barbosa | Jun 19, 2024 | CVE

A vulnerability was found in codevibrant WP Magazine Modules Lite Plugin up to 1.1.2 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation of the argument blockLayout leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is uniquely identified as CVE-2024-5574. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-5574 | codevibrant WP Magazine Modules Lite Plugin up to 1.1.2 on WordPress blockLayout filename control

Related Posts

CVE-2024-46952 | Artifex Ghostscript up to 10.03.x PDF XRef Stream pdf/pdf_xref.c buffer overflow

CVE-2024-10040 | Infinite-Scroll Plugin up to 2.6.2 on WordPress Setting cross-site request forgery

CVE-2024-39891 | Twilio Authy on Android/iOS API improper authentication

CVE-2024-29143 | Cozmoslabs Passwordless Login Plugin up to 1.1.2 on WordPress cross site scripting