Unrated severityNVD Advisory· Published Aug 16, 2024· Updated Sep 13, 2024

Grow by Tradedoubler <= 2.0.21 - Unauthenticated LFI

CVE-2024-6460

Description

The Grow by Tradedoubler WordPress plugin through 2.0.21 is vulnerable to Local File Inclusion via the component parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files.

Affected products

Unknown/Grow By Tradedoublerv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

wpscan.com/vulnerability/ba2f53e0-30be-4f37-91bc-5fa151f1eee7/mitreexploitvdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.073
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000