4 matches found
CVE-2024-10871
The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'paramscaf-post-layout' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...
WordPress Category Ajax Filter Plugin <= 2.8.2 is vulnerable to Local File Inclusion
Software Category Ajax Filter Type Plugin Vulnerable versions = 2.8.2 Fixed in 2.8.3 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-10871 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 41b4026eef43 Credits Le Ngoc Anh Required privilege...
CVE-2024-10871
creationtimestamp| type| source ---|---|--- 2024-11-09 07:51:17+00:00| seen| https://infosec.exchange/users/cve/statuses/113451904328749808 2024-11-09 09:56:29+00:00| seen| https://t.me/cvedetector/10282...
CVE-2024-10871 Category Ajax Filter <= 2.8.2 - Unauthenticated Local File Inclusion
The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'paramscaf-post-layout' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...