CVE-2024-35781

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in YAHMAN Word Balloon allows PHP Local File Inclusion.This issue affects Word Balloon: from n/a through 4.21.1...

CVE-2024-35781

CVE-2024-35781 is a Word Balloon WordPress plugin vulnerability (authenticated) that allows PHP Local File Inclusion due to improper pathname limitation. Affected: Word Balloon up to and including version 4.21.1. Root cause: path traversal restricting access to restricted directories is insuffici...

WordPress plugin Word Balloon path traversal vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

WordPress Plugin Cross-Site Scripting Vulnerability (CNVD-2021-59602)

WordPress is a blogging platform developed by the WordPress Wordpress Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress Membership & Learning Management System Plugin for WordPress plugin prior to version 4.21.1, which stems from the plugin generating...