CVE-2024-8304

Name of the Vulnerable Software and Affected Versions: jpress versions up to 5.1.1

Description: A critical vulnerability has been found in the Template Module Handler component of jpress, affecting an unknown functionality of the file /admin/template/edit. The manipulation leads to path traversal, and the attack can be launched remotely.

Recommendations: For jpress versions up to 5.1.1, consider restricting access to the /admin/template/edit file until a patch is available. As a temporary workaround, avoid using the Template Module Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.