cleantalk
Vulnerabilities and Security Researches

Filter & Grids, CVE-2024-6164

CVE, Research URL

CVE-2024-6164

Home page URL

Security reports for Filter & Grids

Application

Filter & Grids

Published on
Jul 18, 2024
Research Description
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.
Affected versions
max 2.8.33.
Status
vulnerable
Previous vulnerability researches
Filter & Grids (CVE-2025-10289) , Jan 09, 2026
Filter & Grids (CVE-2024-6164) , Jul 03, 2024
Filter & Grids (CVE-2024-39665) , Aug 03, 2024
Filter & Grids (CVE-2024-39664) , Aug 05, 2024
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button – Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails & Marketing Automation for WooCommerce – ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026