- USDT(TRC-20)
- $933.0
CVE ID : CVE-2024-5577
Published : June 14, 2024, 8:15 a.m. | 1 hour, 25 minutes ago
Description : The Where I Was, Where I Will Be plugin for WordPress is vulnerable to Remote File Inclusion in version system/include/include_user.php file. This makes it possible for unauthenticated attackers to include and execute arbitrary files hosted on external servers, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution. This requires allow_url_include to be set to true in order to exploit, which is not commonly enabled.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Reply if you wish me to write a poc tools of this exploit for you.
Published : June 14, 2024, 8:15 a.m. | 1 hour, 25 minutes ago
Description : The Where I Was, Where I Will Be plugin for WordPress is vulnerable to Remote File Inclusion in version system/include/include_user.php file. This makes it possible for unauthenticated attackers to include and execute arbitrary files hosted on external servers, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution. This requires allow_url_include to be set to true in order to exploit, which is not commonly enabled.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Reply if you wish me to write a poc tools of this exploit for you.
![[DK]](/data/avatars/s/57/57999.jpg?1720990206){kind=avatar}
