Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2024-6460
HistoryAug 16, 2024 - 6:00 a.m.

CVE-2024-6460 Grow by Tradedoubler <= 2.0.21 - Unauthenticated LFI

2024-08-1606:00:02
WPScan
www.cve.org
2
cve-2024-6460
grow by tradedoubler
local file inclusion
wordpress plugin
unauthenticated
lfi
php files
server security

EPSS

0

Percentile

9.5%

JSON

The Grow by Tradedoubler WordPress plugin through 2.0.21 is vulnerable to Local File Inclusion via the component parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files.

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Grow by Tradedoubler",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThanOrEqual": "2.0.21"
      }
    ],
    "defaultStatus": "affected"
  }
]

Related

nvd 1
cve 1
vulnrichment 1
wordfence 1
nvd
nvd
CVE-2024-6460
2024-08-16 06:15:04
cve
cve
CVE-2024-6460
2024-08-16 06:15:04
vulnrichment
vulnrichment
CVE-2024-6460 Grow by Tradedoubler <= 2.0.21 - Unauthenticated LFI
2024-08-16 06:00:02
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 22, 2024 to July 28, 2024)
2024-08-01 14:18:10

EPSS

0

Percentile

9.5%

JSON
Related for CVELIST:CVE-2024-6460
nvd1cve1vulnrichment1wordfence1