CVE-2024-52428

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Peter Ads Booster by Ads Pro free-wp-booster-by-ads-pro allows PHP Local File Inclusion.This issue affects Ads Booster by Ads Pro: from n/a through = 1.12...

PT-2024-35268 · Ads Pro · Ads Booster

Name of the Vulnerable Software and Affected Versions: Ads Booster by Ads Pro versions 1.12 and earlier Description: The issue is related to improper control of filename for include/require statement in PHP program, also known as PHP Remote File Inclusion. This allows PHP Local File Inclusion. Th...

CVE-2024-52386

CVE-2024-52386 affects the WordPress plugin ** Classified Listing** (RadiusTheme) in the Business Directory Team. The vulnerability is an Improper Control of Filename for Include/Require Statement (PHP Remote File Inclusion) that enables a PHP Local File Inclusion condition. Affected versions are...

CVE-2024-52386 WordPress Classified Listing plugin <= 3.1.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Classified Listing classified-listing allows PHP Local File Inclusion.This issue affects Classified Listing: from n/a through = 3.1.16...

CVE-2024-50457

CVE-2024-50457 is a Local File Inclusion vulnerability in the WordPress plugin Qode Essential Addons (versions

CVE-2024-50497

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wdesco Advanced Online Ordering and Delivery Platform advanced-online-ordering-and-delivery-platform allows PHP Local File Inclusion.This issue affects Advanced Online Ordering a...

CVE-2024-49690

CVE-2024-49690 is a Local File Inclusion vulnerability in WordPress Qi Blocks (Qi Blocks)

CVE-2024-49701

CVE-2024-49701 describes a Local File Inclusion in the WordPress Theme Mags up to version 1.1.6 due to improper control of filenames in PHP Include/Require statements. Exploitation details are not provided beyond the vulnerability class; affected product is the Mags theme (WordPress plugin)

PT-2024-33653

Name of the Vulnerable Software and Affected Versions: Theme Horse Mags versions 1.1.6 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This is a type of vulnerability where an...

CVE-2024-49317

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ZIPANG Point Maker point-maker allows PHP Local File Inclusion.This issue affects Point Maker: from n/a through = 0.1.4...

CVE-2024-41925 Optigo Networks ONS-S8 Spectra Aggregation Switch PHP Remote File Inclusion

The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user input, allowing an attacker to traverse directories, bypass authentication, and execute remote code...

CVE-2024-43261

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Hamed Naderfar Compute Links allows PHP Remote File Inclusion.This issue affects Compute Links: from n/a through 1.2.1...

CVE-2024-43261

CVE-2024-43261 affects the Compute Links WordPress plugin. The vulnerability is an Unauthenticated Remote File Inclusion caused by improper control of filenames in include/require statements in PHP. Affected versions are listed as “from n/a through 1.2.1.” The CVSS v3.1 base score is 9.6 (Attack ...

CVE-2024-35650

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through = 1.3.0...

CVE-2024-35629

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Wow-Company Easy Digital Downloads – Recent Purchases allows PHP Remote File Inclusion.This issue affects Easy Digital Downloads – Recent Purchases: from n/a through 1.0.2...

CVE-2024-35629 WordPress Easy Digital Downloads – Recent Purchases plugin <= 1.0.2 - Remote File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Wow-Company Easy Digital Downloads – Recent Purchases allows PHP Remote File Inclusion.This issue affects Easy Digital Downloads – Recent Purchases: from n/a through 1.0.2...

RHEL 8 : 7.3_php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php: Overflowing the length of string causes crash CVE-2017-8923 - In PHP versions 7.2.x below 7.2.34,...

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 6, 2024 to May 12, 2024)

Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 184 vulnerabilities disclosed in 146 WordPres...

RaspAP Vulnerable to Code Injection via an Unknown Process in File `includes/provider.php`

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...

FlatPress < 1.3 Multiple Vulnerabilities

FlatPress is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...