4 matches found
CVE-2024-35650
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through = 1.3.0...
CVE-2024-35650 WordPress MelaPress Login Security plugin <= 1.3.0 - Remote File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through = 1.3.0...
CVE-2024-35650
The CVE CVE-2024-35650 concerns the MelaPress Login Security WordPress plugin. It is described as an authenticated (Admin+) PHP Remote File Inclusion vulnerability caused by improper control of the filename used in include/require statements. Affected software: Melapress Login Security versions u...
WordPress MelaPress Login Security Plugin <= 1.3.0 is vulnerable to Local File Inclusion
Software MelaPress Login Security Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-35650 Patch priority Low CVSS severity Low 4.9 Developer Melapress PSID 4d21f4313833 Credits YCInfosec Required privilege...