Lucene search
K

4 matches found

NVD
NVD
added 2024/06/10 4:15 p.m.31 views

CVE-2024-35650

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through = 1.3.0...

7.2CVSS0.00558EPSS
Exploits0References2
CVE
CVE
added 2024/06/10 3:43 p.m.52 views

CVE-2024-35650

The CVE CVE-2024-35650 concerns the MelaPress Login Security WordPress plugin. It is described as an authenticated (Admin+) PHP Remote File Inclusion vulnerability caused by improper control of the filename used in include/require statements. Affected software: Melapress Login Security versions u...

7.2CVSS5.9AI score0.00558EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/10 3:43 p.m.31 views

CVE-2024-35650 WordPress MelaPress Login Security plugin <= 1.3.0 - Remote File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through = 1.3.0...

4.9CVSS0.00558EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/06/03 12:0 a.m.8 views

WordPress MelaPress Login Security Plugin <= 1.3.0 is vulnerable to Local File Inclusion

Software MelaPress Login Security Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-35650 Patch priority Low CVSS severity Low 4.9 Developer Melapress PSID 4d21f4313833 Credits YCInfosec Required privilege...

7.2CVSS6.8AI score0.00558EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder