CVE-2024-52498 – WordPress SP Blog Designer plugin <= 1.0.0 - Local File Inclusion vulnerability

https://notcve.org/view.php?id=CVE-2024-52498

20 Nov 2024 — Path Traversal: '.../...//' vulnerability in Softpulse Infotech SP Blog Designer allows PHP Local File Inclusion.This issue affects SP Blog Designer: from n/a through 1.0.0. Path Traversal: la vulnerabilidad '.../...//' en Softpulse Infotech SP Blog Designer permite la inclusión de archivos locales PHP. Este problema afecta a SP Blog Designer: desde n/a hasta 1.0.0. The SP Blog Designer plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.0.0. This makes it possible... • https://patchstack.com/database/wordpress/plugin/sp-blog-designer/vulnerability/wordpress-sp-blog-designer-plugin-1-0-0-local-file-inclusion-vulnerability?_s_id=cve • CWE-35: Path Traversal: '.../...//' CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •