{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-56230", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2024-12-18T19:04:02.340Z", "datePublished": "2024-12-31T09:58:31.961Z", "dateUpdated": "2026-04-01T15:40:34.099Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "dynamic-product-categories-design", "product": "Dynamic Product Category Grid, Slider for WooCommerce", "vendor": "Maidul", "versions": [{"changes": [{"at": "1.1.4", "status": "unaffected"}], "lessThanOrEqual": "1.1.3", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:31:08.601Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Maidul Dynamic Product Category Grid, Slider for WooCommerce dynamic-product-categories-design allows PHP Local File Inclusion.<p>This issue affects Dynamic Product Category Grid, Slider for WooCommerce: from n/a through <= 1.1.3.</p>"}], "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Maidul Dynamic Product Category Grid, Slider for WooCommerce dynamic-product-categories-design allows PHP Local File Inclusion.This issue affects Dynamic Product Category Grid, Slider for WooCommerce: from n/a through <= 1.1.3."}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-01T15:40:34.099Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/dynamic-product-categories-design/vulnerability/wordpress-dynamic-product-category-grid-slider-for-woocommerce-plugin-1-1-3-local-file-inclusion-vulnerability?_s_id=cve"}], "title": "WordPress Dynamic Product Category Grid, Slider for WooCommerce plugin <= 1.1.3 - Local File Inclusion vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-02T19:32:46.765948Z", "id": "CVE-2024-56230", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-02T19:32:54.470Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-56230", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-02T19:32:46.765948Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-02T19:32:51.170Z"}}], "cna": {"title": "WordPress Dynamic Product Category Grid, Slider for WooCommerce plugin <= 1.1.3 - Local File Inclusion vulnerability", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jo\u00e3o Pedro Soares de Alc\u00e2ntara - Kinorth (Patchstack Alliance)"}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "CAPEC-252 PHP Local File Inclusion"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Dynamic Web Lab", "product": "Dynamic Product Category Grid, Slider for WooCommerce", "versions": [{"status": "affected", "changes": [{"at": "1.1.4", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "1.1.3"}], "packageName": "dynamic-product-categories-design", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update the WordPress Dynamic Product Category Grid, Slider for WooCommerce plugin to the latest available version (at least 1.1.4).", "supportingMedia": [{"type": "text/html", "value": "Update the WordPress Dynamic Product Category Grid, Slider for WooCommerce plugin to the latest available version (at least 1.1.4).", "base64": false}]}], "references": [{"url": "https://patchstack.com/database/wordpress/plugin/dynamic-product-categories-design/vulnerability/wordpress-dynamic-product-category-grid-slider-for-woocommerce-plugin-1-1-3-local-file-inclusion-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dynamic Web Lab Dynamic Product Category Grid, Slider for WooCommerce allows PHP Local File Inclusion.This issue affects Dynamic Product Category Grid, Slider for WooCommerce: from n/a through 1.1.3.", "supportingMedia": [{"type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dynamic Web Lab Dynamic Product Category Grid, Slider for WooCommerce allows PHP Local File Inclusion.<p>This issue affects Dynamic Product Category Grid, Slider for WooCommerce: from n/a through 1.1.3.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-98", "description": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2024-12-31T09:58:31.961Z"}}}, "cveMetadata": {"cveId": "CVE-2024-56230", "state": "PUBLISHED", "dateUpdated": "2025-01-02T19:32:54.470Z", "dateReserved": "2024-12-18T19:04:02.340Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2024-12-31T09:58:31.961Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Maidul Dynamic Product Category Grid, Slider for WooCommerce dynamic-product-categories-design allows PHP Local File Inclusion.This issue affects Dynamic Product Category Grid, Slider for WooCommerce: from n/a through <= 1.1.3."}, {"lang": "es", "value": "Vulnerabilidad de control inadecuado del nombre de archivo para la declaraci\u00f3n Include/Require en el programa PHP ('Inclusi\u00f3n de archivo remoto PHP') en Dynamic Web Lab Dynamic Product Category Grid, Slider para WooCommerce permite la inclusi\u00f3n de archivos locales PHP. Este problema afecta a Dynamic Product Category Grid, Slider para WooCommerce: desde n/a hasta 1.1.3."}], "id": "CVE-2024-56230", "lastModified": "2026-04-01T16:21:44.323", "metrics": {}, "published": "2024-12-31T10:15:10.930", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/dynamic-product-categories-design/vulnerability/wordpress-dynamic-product-category-grid-slider-for-woocommerce-plugin-1-1-3-local-file-inclusion-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-98"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{}