CVE-2024-9193 | creativeon WHMpress Plugin up to 6.3-revision-0 on WordPress /admin/services.php whmpress_domain_search_ajax_extended_results filename control

A vulnerability, which was classified as critical, was found in creativeon WHMpress Plugin up to 6.3-revision-0 on WordPress. Affected is the function whmpress_domain_search_ajax_extended_results of the file /admin/services.php. The manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is traded as CVE-2024-9193. It is possible to launch the attack remotely. There is no exploit available.VulDB Recent EntriesRead More