3 matches found
CVE-2024-44012
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in wpdev33 WP Newsletter Subscription wp-newsletter-subscription allows PHP Local File Inclusion.This issue affects WP Newsletter Subscription: from n/a through = 1.1...
CVE-2024-44012
CVE-2024-44012 is a Local File Inclusion (path traversal) vulnerability in the WP Newsletter Subscription plugin for WordPress, affecting versions n/a through 1.1. The issue stems from improper restriction of pathnames, enabling PHP Local File Inclusion. Public sources in connected docs confirm t...
WordPress WP Newsletter Subscription Plugin <= 1.1 is vulnerable to Local File Inclusion
Software WP Newsletter Subscription Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-44012 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 47db4abe89e4 Credits tahu.datar Required privilege...