Lucene search
HistoryJun 10, 2024 - 4:15 p.m.
CVE-2024-35677
cve-2024-35677
stylemixthemes
megamenu
php
local file inclusion
path traversal
vulnerability
restriction
directory
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
39.5%
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in StylemixThemes MegaMenu allows PHP Local File Inclusion.This issue affects MegaMenu: from n/a through 2.3.12.
Affected configurations
Node
stylemixthemesmega_menuRange<2.3.13wordpress
Related
vulnrichment
vulnrichment
cve
cve
CVE-2024-35677
2024-06-10 16:15:15
wpvulndb
wpvulndb
MegaMenu < 2.3.13 - Unauthenticated Local File Inclusion
2024-06-13 00:00:00
cvelist
cvelist
wordfence
wordfence
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
39.5%
Related for NVD:CVE-2024-35677