Path Traversal and Local File Inclusion Vulnerability in Include Me WordPress Plugin: Risk of Remote Code Execution and System Compromise
CVE-2021-24453 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
The Include Me WordPress plugin through 1.2.1 is vulnerable to path traversal / local file inclusion, which can lead to Remote Code Execution (RCE) of the system due to log poisoning and therefore potentially a full compromise of the underlying structure
Learn more about our Wordpress Pen Testing.