CVE-2024-32111

Improper Limitation of a Pathname to a Restricted Directory (‘Path
Traversal’) vulnerability in Automattic WordPress allows Relative Path
Traversal.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4
through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from 6.1
through 6.1.6, from 6.0 through 6.0.8, from 5.9 through 5.9.9, from 5.8
through 5.8.9, from 5.7 through 5.7.11, from 5.6 through 5.6.13, from 5.5
through 5.5.14, from 5.4 through 5.4.15, from 5.3 through 5.3.17, from 5.2
through 5.2.20, from 5.1 through 5.1.18, from 5.0 through 5.0.21, from 4.9
through 4.9.25, from 4.8 through 4.8.24, from 4.7 through 4.7.28, from 4.6
through 4.6.28, from 4.5 through 4.5.31, from 4.4 through 4.4.32, from 4.3
through 4.3.33, from 4.2 through 4.2.37, from 4.1 through 4.1.40.

Bugs

• <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074486&gt;