CVE-2024-37420

🗓️ 09 Jul 2024 10:18:45Reported by PatchstackType

Unrestricted file upload vulnerability in WPZita Zita Elementor Site Librar

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-37420	9 Jul 202413:56	–	circl
CNNVD	WordPress plugin Zita Elementor Site Library Code Issue Vulnerability	9 Jul 202400:00	–	cnnvd
Cvelist	CVE-2024-37420 WordPress Zita Elementor Site Library plugin <= 1.6.1 - Arbitrary Code Execution vulnerability	9 Jul 202410:18	–	cvelist
EUVD	EUVD-2024-36651	3 Oct 202520:07	–	euvd
NVD	CVE-2024-37420	9 Jul 202411:15	–	nvd
Patchstack	WordPress Zita Elementor Site Library plugin <= 1.6.1 - Arbitrary Code Execution vulnerability	28 Jun 202408:11	–	patchstack
Patchstack	WordPress Zita Elementor Site Library Plugin <= 1.6.1 is vulnerable to Arbitrary Code Execution	28 Jun 202400:00	–	patchstack
Positive Technologies	PT-2024-27538 · Unknown · Zita Elementor Site Library	9 Jul 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-37420	5 Feb 202500:37	–	redhatcve
Vulnrichment	CVE-2024-37420 WordPress Zita Elementor Site Library plugin <= 1.6.1 - Arbitrary Code Execution vulnerability	9 Jul 202410:18	–	vulnrichment

Vulners

Vulnrichment

Node

wpzita zita_elementor_site_libraryRange≤1.6.1wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "zita-site-library",
    "product": "Zita Elementor Site Library",
    "vendor": "WPZita",
    "versions": [
      {
        "changes": [
          {
            "at": "1.6.2",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "1.6.1",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/zita-site-library/wordpress-zita-elementor-site-library-plugin-1-6-1-arbitrary-code-execution-vulnerability

28 Apr 2026 16:09Current

9.4High risk

Vulners AI Score9.4

CVSS 3.19.9

EPSS0.00889

SSVC

CWE-434