3 matches found
CVE-2024-38716
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Blue Plugins Events Calendar for Google allows PHP Local File Inclusion.This issue affects Events Calendar for Google: from n/a through 2.1.0...
CVE-2024-38716
CVE-2024-38716 affects the WordPress plugin Events Calendar for Google (up to v2.1.0). The issue is an improper pathname limitation leading to a PHP Local File Inclusion (LFI) via path traversal, enabling access to local files on the server. The Wordfence entry lists this as a Local File Inclusio...
WordPress Events Calendar for Google Plugin <= 2.1.0 is vulnerable to Local File Inclusion
Software Events Calendar for Google Type Plugin Vulnerable versions = 2.1.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-38716 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 305987aedf95 Credits João Pedro S Alcântar...