3 matches found
CVE-2024-4551
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...
CVE-2024-4551 Video Gallery – YouTube Playlist, Channel Gallery by YotuWP <= 1.3.13 - Authenticated (Contributor+) Arbitrary File Inclusion via Shortcode
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...
WordPress Video Gallery Plugin <= 1.3.13 is vulnerable to Local File Inclusion
Software Video Gallery Type Plugin Vulnerable versions = 1.3.13 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-4551 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID 0a0b54f79834 Credits Foxyyy Required privilege Contributor Publishe...