5 matches found
CVE-2024-34762
Vulnerability discovered by executing a planned security audit. Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPENGINE INC Advanced Custom Fields PRO allows PHP Local File Inclusion.This issue affects Advanced Custom Fields PRO: from n/a before 6.2....
CVE-2024-34762
Vulnerability discovered by executing a planned security audit. Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPENGINE INC Advanced Custom Fields PRO allows PHP Local File Inclusion.This issue affects Advanced Custom Fields PRO: from n/a before 6.2....
CVE-2024-34762 Wordpress Advanced Custom Fields Pro plugin < 6.2.10 - Contributor+ Local File Inclusion vulnerability
Vulnerability discovered by executing a planned security audit. Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPENGINE INC Advanced Custom Fields PRO allows PHP Local File Inclusion.This issue affects Advanced Custom Fields PRO: from n/a before 6.2....
CVE-2024-34762
CVE-2024-34762 affects the WordPress plugin Advanced Custom Fields Pro (WP ACF Pro). The issue is an improper limitation of pathnames to a restricted directory, enabling PHP Local File Inclusion. Public details indicate impact up to versions prior to 6.2.10 (with some sources noting an authentica...
WordPress Advanced Custom Fields PRO Plugin < 6.2.10 is vulnerable to Local File Inclusion
Software Advanced Custom Fields PRO Type Plugin Vulnerable versions 6.2.10 Fixed in 6.2.10 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-34762 Patch priority Low CVSS severity Low 9.9 Developer Claim ownership PSID c63a5562f29a Credits Security audit Required privile...