VYPR
Unrated severityNVD Advisory· Published Jul 29, 2024· Updated Aug 1, 2024

Ultimate Classified Listings < 1.3 - Unauthenticated LFI

CVE-2024-5882

Description

The Ultimate Classified Listings WordPress plugin before 1.3 does not validate the ucl_page and layout parameters allowing unauthenticated users to access PHP files on the server from the listings page

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.