CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab parameter before using it in a require statement in the admin dashboard, leading to a Local File Inclusion issue

CWE 1 Total

Learn more

CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

Credits

Mohamed Magdy AbuMuslim

References 1 Total

https://wpscan.com/vulnerability/9b15d47e-43b6-49a8-b2c3-b99c92101e10
external site

Updated: 2024-08-03

This container includes required additional information provided by the CVE Program for this vulnerability.

References 1 Total

https://wpscan.com/vulnerability/9b15d47e-43b6-49a8-b2c3-b99c92101e10
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: WPScan

Description

CWE 1 Total

Product Status

Credits

References 1 Total

CVE Program

References 1 Total