High severity7.5NVD Advisory· Published May 8, 2025· Updated Jun 17, 2026
CVE-2024-6648
CVE-2024-6648
Description
Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'product_item_path' within the 'config' JSON file, allowing them to read any file on the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <4.0.0
- Apollo Theme/AP Page Builderv5Range: 0
Patches
Vulnerability mechanics
References
1- www.incibe.es/en/incibe-cert/notices/aviso/path-traversal-ap-page-buildernvdThird Party Advisory
News mentions
0No linked articles in our index yet.