CVE-2022-29447 – WordPress Hover Effects plugin <= 2.1 - Authenticated Local File Inclusion (LFI) vulnerability
https://notcve.org/view.php?id=CVE-2022-29447
Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress. Una vulnerabilidad de Inclusión de Archivos Locales (LFI) autenticado (administrador o rol de usuario superior) en el plugin Hover Effects de Wow-Company versiones anteriores a 2.1 incluyéndola, en WordPress • https://patchstack.com/database/vulnerability/hover-effects/wordpress-hover-effects-plugin-2-1-authenticated-local-file-inclusion-lfi-vulnerability https://wordpress.org/plugins/hover-effects/#developers • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') CWE-552: Files or Directories Accessible to External Parties •