CVE-2024-1790 - Vulnerability Details - OpenCVE

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 7.0.1 via the 'type' parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. This is limited to Windows instances.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00568.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/ajax-load-more/trunk/admin/functions/layouts.php#L14
https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/admin/functions/layouts.php
https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/core/functions.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/86090ab4-9f1d-4a92-a302-118524a5ffaa?source=cve

History

Wed, 08 Apr 2026 17:45:00 +0000

Type	Values Removed	Values Added
Title		Ajax Load More <= 7.0.1 - Authenticated (Admin+) Directory Traversal to Arbitrary File Read
Weaknesses		CWE-22

Thu, 26 Feb 2026 12:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-04-09T18:59:03.441Z

Updated: 2026-04-08T17:04:42.348Z

Reserved: 2024-02-22T19:28:48.694Z

Link: CVE-2024-1790

Vulnrichment

Updated: 2024-08-01T18:48:21.984Z

NVD

Status : Awaiting Analysis

Published: 2024-04-09T19:15:19.267

Modified: 2026-04-08T18:20:49.920

Link: CVE-2024-1790

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-1790", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-02-22T19:28:48.694Z", "datePublished": "2024-04-09T18:59:03.441Z", "dateUpdated": "2026-04-08T17:04:42.348Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:04:42.348Z"}, "affected": [{"vendor": "dcooney", "product": "Ajax Load More \u2013 Infinite Scroll, Load More, & Lazy Load", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "7.0.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WordPress Infinite Scroll \u2013 Ajax Load More plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 7.0.1 via the 'type' parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. This is limited to Windows instances."}], "title": "Ajax Load More <= 7.0.1 - Authenticated (Admin+) Directory Traversal to Arbitrary File Read", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86090ab4-9f1d-4a92-a302-118524a5ffaa?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/ajax-load-more/trunk/admin/functions/layouts.php#L14"}, {"url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/core/functions.php"}, {"url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/admin/functions/layouts.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.9, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Hoa Le Ngoc"}], "timeline": [{"time": "2024-03-26T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1790", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-11T17:41:45.911842Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T18:00:19.439Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:48:21.984Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86090ab4-9f1d-4a92-a302-118524a5ffaa?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/ajax-load-more/trunk/admin/functions/layouts.php#L14", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/core/functions.php", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/admin/functions/layouts.php", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86090ab4-9f1d-4a92-a302-118524a5ffaa?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/ajax-load-more/trunk/admin/functions/layouts.php#L14", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/core/functions.php", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/admin/functions/layouts.php", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:48:21.984Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1790", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-11T17:41:45.911842Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:23.391Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Hoa Le Ngoc"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "connekthq", "product": "WordPress Infinite Scroll \u2013 Ajax Load More", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "7.0.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-03-26T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86090ab4-9f1d-4a92-a302-118524a5ffaa?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/ajax-load-more/trunk/admin/functions/layouts.php#L14"}, {"url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/core/functions.php"}, {"url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/admin/functions/layouts.php"}], "descriptions": [{"lang": "en", "value": "The WordPress Infinite Scroll \u2013 Ajax Load More plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 7.0.1 via the 'type' parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. This is limited to Windows instances."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-04-09T18:59:03.441Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1790", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:48:21.984Z", "dateReserved": "2024-02-22T19:28:48.694Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-04-09T18:59:03.441Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WordPress Infinite Scroll \u2013 Ajax Load More plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 7.0.1 via the 'type' parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. This is limited to Windows instances."}, {"lang": "es", "value": "El complemento WordPress Infinite Scroll \u2013 Ajax Load More para WordPress es vulnerable a Path Traversal en todas las versiones hasta la 7.0.1 incluida a trav\u00e9s del par\u00e1metro 'type'. Esto hace posible que atacantes autenticados, con acceso de nivel de administrador y superior, lean el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial. Esto est\u00e1 limitado a instancias de Windows."}], "id": "CVE-2024-1790", "lastModified": "2026-04-08T18:20:49.920", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-04-09T19:15:19.267", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ajax-load-more/trunk/admin/functions/layouts.php#L14"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/admin/functions/layouts.php"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/core/functions.php"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86090ab4-9f1d-4a92-a302-118524a5ffaa?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/browser/ajax-load-more/trunk/admin/functions/layouts.php#L14"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/admin/functions/layouts.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/core/functions.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86090ab4-9f1d-4a92-a302-118524a5ffaa?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Primary"}]}