CVE-2021-24644

Images to WebP < 1.9 - Authenticated Local File Inclusion

EPSS 5.0%CWE-22

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue

Produtos afetados

Unknown · Images to WebP

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://wpscan.com/vulnerability/5a363eeb-9510-4535-97e2-9dfd3b10d511