CVE-2024-35781
CVE-2024-35781 is a Word Balloon WordPress plugin vulnerability (authenticated) that allows PHP Local File Inclusion due to improper pathname limitation. Affected: Word Balloon up to and including version 4.21.1. Root cause: path traversal restricting access to restricted directories is insuffici...