Overview
- Description
- The WordPress Post Grid Layouts with Pagination – Sogrid plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.5.2 via the 'tab' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. This can also be exploited via CSRF techniques.
- Source
- security@wordfence.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- security@wordfence.com
- CWE-98
Social media
- Hype score
- Not currently trending
CVE Alert: CVE-2024-8392 - https://t.co/0nBIwmgfZj #OSINT #ThreatIntel #CyberSecurity #cve_2024_8392
@RedPacketSec
27 Oct 2024
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-8392 The WordPress Post Grid Layouts with Pagination – Sogrid plugin for WordP... https://t.co/f4mrx65k2f Vulnerability Notification: https://t.co/xhLrNnfyrO
@VulmonFeeds
26 Oct 2024
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-8392 The WordPress Post Grid Layouts with Pagination – Sogrid plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.5.2 via the … https://t.co/to6IlyLTxG
@CVEnew
26 Oct 2024
486 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes