2 matches found
CVE-2024-3107
CVE-2024-3107 (Spectra – WordPress Gutenberg Blocks) : The Spectra plugin for WordPress is vulnerable to a Path Traversal flaw in get_block_default_attributes, affecting versions up to 2.12.6. Authenticated users with contributor-level permissions and above can read arbitrary files named attribut...
WordPress Spectra Plugin <= 2.12.6 is vulnerable to Path Traversal
Software Spectra Type Plugin Vulnerable versions = 2.12.6 Fixed in 2.12.7 OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2024-3107 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 52350fa92b9f Credits Ngô Thiên An ancorn Required privilege Contributor...