2 matches found
CVE-2024-5577 Where I Was, Where I Will Be <= 1.1.1 - Unauthenticated Remote File Inclusion
The Where I Was, Where I Will Be plugin for WordPress is vulnerable to Remote File Inclusion in version = 1.1.1 via the WIWHEADER parameter of the /system/include/includeuser.php file. This makes it possible for unauthenticated attackers to include and execute arbitrary files hosted on external...
WordPress Where I Was, Where I Will Be Plugin <= 1.1.1 is vulnerable to Remote File Inclusion
Software Where I Was, Where I Will Be Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Remote File Inclusion CVE CVE-2024-5577 Patch priority Low CVSS severity Low 9 Developer Claim ownership PSID d67a5f36ea60 Credits Jonas Höbenreich Required privile...