Vulnerabilities > CVE-2021-24644 - Unspecified vulnerability in Imagestowebp Project Images to Webp

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
imagestowebp-project

Summary

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue

Vulnerable Configurations

Part Description Count
Application
Imagestowebp_Project
1