Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/02/05 10:15 a.m.22 views

CVE-2024-3813

The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'tdblocktitle' shortcode 'blocktemplateid' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and...

8.8CVSS7.5AI score0.00657EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/06/15 2:1 a.m.17 views

CVE-2024-3813 tagDiv Composer <= 4.8 - Authenticated (Contributor+) Local File Inclusion via Shortcode

The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'tdblocktitle' shortcode 'blocktemplateid' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and...

8.8CVSS7.7AI score0.00657EPSS
Exploits0References2
cvelist
cvelist
added 2024/06/15 2:1 a.m.44 views

CVE-2024-3813 tagDiv Composer <= 4.8 - Authenticated (Contributor+) Local File Inclusion via Shortcode

The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'tdblocktitle' shortcode 'blocktemplateid' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and...

8.8CVSS0.00657EPSS
Exploits0References2
patchstack
patchstack
added 2024/04/18 12:0 a.m.19 views

WordPress tagDiv Composer Plugin <= 4.8 is vulnerable to Local File Inclusion

Software tagDiv Composer Type Plugin Vulnerable versions = 4.8 Fixed in 4.9 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-3813 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 5ffa96c3f191 Credits István Márton Required privilege Contributor...

8.8CVSS6.9AI score0.00657EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder