4 matches found
CVE-2024-3813
The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'tdblocktitle' shortcode 'blocktemplateid' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and...
CVE-2024-3813 tagDiv Composer <= 4.8 - Authenticated (Contributor+) Local File Inclusion via Shortcode
The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'tdblocktitle' shortcode 'blocktemplateid' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and...
CVE-2024-3813 tagDiv Composer <= 4.8 - Authenticated (Contributor+) Local File Inclusion via Shortcode
The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'tdblocktitle' shortcode 'blocktemplateid' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and...
WordPress tagDiv Composer Plugin <= 4.8 is vulnerable to Local File Inclusion
Software tagDiv Composer Type Plugin Vulnerable versions = 4.8 Fixed in 4.9 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-3813 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 5ffa96c3f191 Credits István Márton Required privilege Contributor...