Lucene search
CVE-2024-4471
Vulnerability in 140+ Widgets WordPress plugin version 1.4.3.1 allows PHP Object Injection via 'export_content' function, enabling authenticated attackers to inject PHP Objects leading to potential code execution, data retrieval, and file deletion
Show more
| Reporter | Title | Published | Views | Family All 6 |
|---|---|---|---|---|
 | WordPress Xpro Elementor Addons Plugin <= 1.4.3.1 is vulnerable to PHP Object Injection | 24 May 202400:00 | – | patchstack |
 | CVE-2024-4471 | 23 May 202413:15 | – | nvd |
 | CVE-2024-4471 140+ Widgets | Best Addons For Elementor – FREE <= 1.4.3.1 - Authenticated (Contributor+) PHP Object Injection | 23 May 202412:43 | – | vulnrichment |
 | CVE-2024-4471 140+ Widgets | Best Addons For Elementor – FREE <= 1.4.3.1 - Authenticated (Contributor+) PHP Object Injection | 23 May 202412:43 | – | cvelist |
 | 140+ Widgets | Best Addons For Elementor – FREE < 1.4.3.2 - Authenticated (Contributor+) PHP Object Injection | 23 May 202400:00 | – | wpvulndb |
 | Wordfence Intelligence Weekly WordPress Vulnerability Report (May 20, 2024 to May 26, 2024) | 30 May 202415:23 | – | wordfence |
Node
[
{
"vendor": "xpro",
"product": "140+ Widgets | Best Addons For Elementor – FREE",
"versions": [
{
"version": "*",
"status": "affected",
"lessThanOrEqual": "1.4.3.1",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo23 May 2024 13:15Current
8High risk
Vulners AI Score8
CVSS38
EPSS0.00045
SSVC