PT-2024-30915 · WordPress · Wpwax Product Carousel Slider & Grid Ultimate

João Pedro S Alcântara

Published

2024-09-22

Updated

2024-09-26

CVE-2024-44048

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions wpWax Product Carousel Slider & Grid Ultimate for WooCommerce versions 1.9.10 and earlier

Description The issue is related to a Path Traversal vulnerability, which allows PHP Local File Inclusion. This vulnerability can be exploited by a malicious person to access unauthorized files.

Recommendations For versions 1.9.10 and earlier, update the plugin to the latest patched version immediately to prevent unauthorized access.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22CWE-98

Related Identifiers

CVE-2024-44048

Affected Products

Wpwax Product Carousel Slider & Grid Ultimate

PT-2024-30915 · WordPress · Wpwax Product Carousel Slider & Grid Ultimate

CVE-2024-44048

Weakness Enumeration

Related Identifiers

Affected Products

References · 8