CVE-2021-24644

November 24, 2021

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue

Summary:

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue

Reference Links(if available):

  • https://wpscan.com/vulnerability/5a363eeb-9510-4535-97e2-9dfd3b10d511

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    hkcert

    Cisco Products Multiple Vulnerabilities

    April 25, 2024
    HIBP Banner 1

    T2 – 94,584 breached accounts

    April 25, 2024
    CISA Logo

    CISA: CISA Releases Three Industrial Control Systems Advisories

    April 25, 2024
    CISA Logo

    CISA: CISA Releases Four Industrial Control Systems Advisories

    April 25, 2024
    CISA Logo

    CISA: Oracle Releases Critical Patch Update Advisory for April 2024

    April 25, 2024