CVE-2024-6330

The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt