CVE-2024-37423

Name of the Vulnerable Software and Affected Versions Automattic Newspack Blocks versions n/a through 3.0.8

Description The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This vulnerability allows Path Traversal in Automattic Newspack Blocks.

Recommendations For versions n/a through 3.0.8, update to a version later than 3.0.8 to resolve the issue. As a temporary workaround, consider restricting access to sensitive directories to minimize the risk of exploitation.