CVE-2024-5574

The WP Magazine Modules Lite plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.2 via the 'blockLayout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files ...

WordPress plugin WP Magazine Modules Lite security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress WP Magazine Modules Lite plugin <= 1.1.2 - Authenticated Local File Inclusion vulnerability

Authenticated Local File Inclusion vulnerability discovered by stealthcopter in WordPress Plugin WP Magazine Modules Lite versions = 1.1.2...

WordPress WP Magazine Modules Lite Plugin <= 1.1.2 is vulnerable to Local File Inclusion

Software WP Magazine Modules Lite Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-5574 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 60f52a06449e Credits stealthcopter Required privilege...