CVE-2024-27971 – WordPress Premmerce Permalink Manager for WooCommerce plugin <= 2.3.10 - Local File Inclusion vulnerability

https://notcve.org/view.php?id=CVE-2024-27971

13 Mar 2024 — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Premmerce Premmerce Permalink Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Premmerce Permalink Manager for WooCommerce: from n/a through 2.3.10. Limitación incorrecta de un nombre de ruta a una vulnerabilidad de directorio restringido ("Path Traversal") en Premmerce Premmerce Permalink Manager para WooCommerce permite la inclusión de archivos locales PHP. Este problema afecta a Premm... • https://github.com/truonghuuphuc/CVE-2024-27971-Note • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •