ГлавнаяУязвимости → CVE-2024-6164
9.8критическая

CVE-2024-6164

Описание

The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.

Затрагиваемое ПО
Ymc-22 Filter \& grids
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/