cve/2024/CVE-2024-32111.md

### [CVE-2024-32111](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32111)
![](https://img.shields.io/static/v1?label=Product&message=WordPress&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=4.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.5%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.6%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.7%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.8%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.9%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.5%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.6%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.7%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.8%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.9%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.5%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brightgreen)

### Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic WordPress allows Relative Path Traversal.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from 6.1 through 6.1.6, from 6.0 through 6.0.8, from 5.9 through 5.9.9, from 5.8 through 5.8.9, from 5.7 through 5.7.11, from 5.6 through 5.6.13, from 5.5 through 5.5.14, from 5.4 through 5.4.15, from 5.3 through 5.3.17, from 5.2 through 5.2.20, from 5.1 through 5.1.18, from 5.0 through 5.0.21, from 4.9 through 4.9.25, from 4.8 through 4.8.24, from 4.7 through 4.7.28, from 4.6 through 4.6.28, from 4.5 through 4.5.31, from 4.4 through 4.4.32, from 4.3 through 4.3.33, from 4.2 through 4.2.37, from 4.1 through 4.1.40.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/20142995/nuclei-templates
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`### [CVE-2024-32111](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32111)`
			`![](https://img.shields.io/static/v1?label=Product&message=WordPress&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.2%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.3%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.4%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.5%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.6%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.7%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.8%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.9%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.2%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.3%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.4%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.5%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.6%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.7%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.8%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.9%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=6.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=6.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=6.2%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=6.3%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=6.4%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=6.5%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brightgreen)`

			`### Description`

			Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic WordPress allows Relative Path Traversal.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from 6.1 through 6.1.6, from 6.0 through 6.0.8, from 5.9 through 5.9.9, from 5.8 through 5.8.9, from 5.7 through 5.7.11, from 5.6 through 5.6.13, from 5.5 through 5.5.14, from 5.4 through 5.4.15, from 5.3 through 5.3.17, from 5.2 through 5.2.20, from 5.1 through 5.1.18, from 5.0 through 5.0.21, from 4.9 through 4.9.25, from 4.8 through 4.8.24, from 4.7 through 4.7.28, from 4.6 through 4.6.28, from 4.5 through 4.5.31, from 4.4 through 4.4.32, from 4.3 through 4.3.33, from 4.2 through 4.2.37, from 4.1 through 4.1.40.

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/20142995/nuclei-templates`