CVE-2024-5574 | codevibrant WP Magazine Modules Lite Plugin up to 1.1.2 on WordPress blockLayout filename control

Posted by Angelo Barbosa | Jun 19, 2024 | CVE

A vulnerability was found in codevibrant WP Magazine Modules Lite Plugin up to 1.1.2 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation of the argument blockLayout leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is uniquely identified as CVE-2024-5574. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-5574 | codevibrant WP Magazine Modules Lite Plugin up to 1.1.2 on WordPress blockLayout filename control

Related Posts

CVE-2024-37352 | Absolute Secure Access up to 13.05 Management UI cross site scripting

CVE-2024-27517 | Webasyst 2.9.9 Blog cross site scripting (Issue 377)

CVE-2024-33915 | Bowo Debug Log Manager Plugin up to 2.3.1 on WordPress authorization

CVE-2024-44253 | Apple macOS up to 13.6/14.6 access control