Unrated severityNVD Advisory· Published Jul 29, 2024· Updated Aug 1, 2024
Ultimate Classified Listings < 1.3 - Unauthenticated LFI
CVE-2024-5882
Description
The Ultimate Classified Listings WordPress plugin before 1.3 does not validate the ucl_page and layout parameters allowing unauthenticated users to access PHP files on the server from the listings page
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/5e8d7808-8f3e-4fc9-a1e7-e108da031ca7/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.