CVE-2024-53800

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rezgo Rezgo allows PHP Local File Inclusion.This issue affects Rezgo: from n/a through 4.15.
Configurations

Configuration 1 (hide)

cpe:2.3:a:rezgo:rezgo_online_booking:*:*:*:*:*:wordpress:*:*

History

20 Jun 2025, 18:08

Type Values Removed Values Added
First Time Rezgo rezgo Online Booking
Rezgo
CPE cpe:2.3:a:rezgo:rezgo_online_booking:*:*:*:*:*:wordpress:*:*
Summary
  • (es) Vulnerabilidad de control inadecuado del nombre de archivo para la declaración Include/Require en el programa PHP ('Inclusión de archivo remoto PHP') en Rezgo Rezgo permite la inclusión de archivos locales PHP. Este problema afecta a Rezgo: desde n/a hasta 4.15.
References () https://patchstack.com/database/wordpress/plugin/rezgo/vulnerability/wordpress-rezgo-online-booking-plugin-4-15-local-file-inclusion-vulnerability?_s_id=cve - () https://patchstack.com/database/wordpress/plugin/rezgo/vulnerability/wordpress-rezgo-online-booking-plugin-4-15-local-file-inclusion-vulnerability?_s_id=cve - Third Party Advisory

07 Jan 2025, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-01-07 16:15

Updated : 2025-06-20 18:08


NVD link : CVE-2024-53800

Mitre link : CVE-2024-53800

CVE.ORG link : CVE-2024-53800


JSON object : View

Products Affected

rezgo

  • rezgo_online_booking
CWE
CWE-98

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

CWE-829

Inclusion of Functionality from Untrusted Control Sphere