Back

CVE-2024-6460

Aug. 16, 2024, 6:15 a.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Grow by Tradedoubler WordPress plugin

  • 2.0.21

Source

contact@wpscan.com

Tags

contact@wpscan.com
2024-08-16
CVE-2024-6460

CVE-2024-6460 details

Published : Aug. 16, 2024, 6:15 a.m.
Last Modified : Aug. 16, 2024, 6:15 a.m.

Description

The Grow by Tradedoubler WordPress plugin through 2.0.21 is vulnerable to Local File Inclusion via the component parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://wpscan.com/vulnerability/ba2f53e0-30be-4f37-91bc-5fa151f1eee7/ contact@wpscan.com
This website uses the NVD API, but is not approved or certified by it.