5 matches found
CVE-2021-24644
The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...
CVE-2021-24644
The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...
CVE-2021-24644
The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...
CVE-2021-24644 Images to WebP < 1.9 - Authenticated Local File Inclusion
The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...
CVE-2021-24644
CVE-2021-24644 affects the Images to WebP WordPress plugin (versions prior to 1.9). The root cause is that the tab parameter is not validated/sanitized before being passed to include(), enabling Local File Inclusion. Exploitation context in connected data indicates an authenticated LFI scenario, ...