3 matches found
CVE-2024-6459
The News Element Elementor Blog Magazine WordPress plugin before 1.0.6 is vulnerable to Local File Inclusion via the template parameter. This makes it possible for unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files...
CVE-2024-6459 News Element Elementor Blog Magazine < 1.0.6 - Unauthenticated LFI
The News Element Elementor Blog Magazine WordPress plugin before 1.0.6 is vulnerable to Local File Inclusion via the template parameter. This makes it possible for unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files...
WordPress News Element Elementor Blog Magazine Plugin < 1.0.6 is vulnerable to Local File Inclusion
Software News Element Elementor Blog Magazine Type Plugin Vulnerable versions 1.0.6 Fixed in 1.0.6 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-6459 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 9cdb1b21de6f Credits Project Black Required...