CVE-2024-6330 Information

Description

The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP’s execution context which leads to Remote Code Execution.

Reference

https://wpscan.com/vulnerability/95b532e0-1ffb-421e-b9c0-de03f89491d7/