• caglararli@hotmail.com
  • 05386281520

CVE-2024-5574 | codevibrant WP Magazine Modules Lite Plugin up to 1.1.2 on WordPress blockLayout filename control

Çağlar Arlı      -    25 Views

CVE-2024-5574 | codevibrant WP Magazine Modules Lite Plugin up to 1.1.2 on WordPress blockLayout filename control

A vulnerability was found in codevibrant WP Magazine Modules Lite Plugin up to 1.1.2 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation of the argument blockLayout leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is uniquely identified as CVE-2024-5574. It is possible to initiate the attack remotely. There is no exploit available.