CVE-2024-32111
CVSS V2 None
CVSS V3 None
Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic WordPress allows Relative Path Traversal.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from 6.1 through 6.1.6, from 6.0 through 6.0.8, from 5.9 through 5.9.9, from 5.8 through 5.8.9, from 5.7 through 5.7.11, from 5.6 through 5.6.13, from 5.5 through 5.5.14, from 5.4 through 5.4.15, from 5.3 through 5.3.17, from 5.2 through 5.2.20, from 5.1 through 5.1.18, from 5.0 through 5.0.21, from 4.9 through 4.9.25, from 4.8 through 4.8.24, from 4.7 through 4.7.28, from 4.6 through 4.6.28, from 4.5 through 4.5.31, from 4.4 through 4.4.32, from 4.3 through 4.3.33, from 4.2 through 4.2.37, from 4.1 through 4.1.40.
Overview
- CVE ID
- CVE-2024-32111
- Assigner
- Patchstack
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-06-25T13:35:45.596Z
- Last Modified Date
- 2024-06-25T18:16:06.948Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://patchstack.com/database/vulnerability/wordpress/wordpress-core-6-5-5-contributor-arbitrary-html-file-read-windows-only-vulnerability?_s_id=cve | vdb-entry |
| https://wordpress.org/news/2024/06/wordpress-6-5-5/ | release-notes |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-32111 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32111 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 19:28:03 | Added to TrackCVE |