WordPress Plugin Vulnerabilities

Web Directory Free < 1.7.3 - Unauthenticated LFI

Description

The plugin does not validate a parameter before using it in an include(), which could lead to Local File Inclusion issues.

Proof of Concept

Affects Plugins

Plugin icon
web-directory-free
Fixed in 1.7.3

References

CVE
CVE-2024-3673

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
8.6 (high)

Miscellaneous

Original Researcher
Simone Onofri, Kim Cerra, Andrea De Dominicis
Submitter
Simone Onofri, Kim Cerra, Andrea De Dominicis
Submitter website
https://onofri.org
Submitter twitter
simoneonofri
Verified
Yes
WPVDB ID
0e8930cb-e176-4406-a43f-a6032471debf

Timeline

Publicly Published
2024-08-09 (about 1 year ago)
Added
2024-08-09 (about 1 year ago)
Last Updated
2024-08-09 (about 1 year ago)

Other

Published
Title
Published
2025-04-03
Title
Docxpresso <= 2.6 - Authenticated (Contributor+) Arbitrary File Download
Published
2025-03-06
Title
Ultimate Video Player < 10.1 - Unauthenticated Arbitrary File Download
Published
2025-01-08
Title
Post Grid Master < 3.4.13 - Missing Authorization to Unauthenticated Local PHP File Inclusion
Published
2023-01-24
Title
LearnPress Plugin < 4.2.0 - Unauthenticated LFI
Published
2024-01-19
Title
Photo Gallery by 10Web - Mobile-Friendly Image Gallery < 1.8.20 - Directory Traversal to Arbitrary File Rename