CVE-2024-12036 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.9 via the get_widget_settings_json() function…
High CVSS: 7.5

CVE-2024-12036

The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.9 via the get_widget_settings_json() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Vendor
-
Product
-
CWE
CWE-73
Yayın Tarihi
2025-03-07 09:15:14
Güncelleme
2025-03-07 09:15:14
Source Identifier
security@wordfence.com
KEV Date Added
-

Kategoriler

CWE-73 HIGH 2025

Referanslar

https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636 https://www.wordfence.com/threat-intel/vulnerabilities/id/5ed1978e-1dd7-45d3-829a-1a75c1789827?source=cve