Lucene search

CVE-2024-2385

🗓️ 04 Jul 2024 04:14:15Reported by [email protected]Type

The Elementor Addons by Livemesh WordPress plugin v8.3.7 and earlier allows contributor-level authenticated attackers to execute arbitrary PHP code via 'style' attribute, leading to local file inclusion

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2024-2385 Elementor Addons by Livemesh <= 8.3.7 - Authenticated (Contributor+) Limited Local File Inclusion via Widgets	4 Jul 202403:32	–	cvelist
Vulnrichment	CVE-2024-2385 Elementor Addons by Livemesh <= 8.3.7 - Authenticated (Contributor+) Limited Local File Inclusion via Widgets	4 Jul 202403:32	–	vulnrichment
CVE	CVE-2024-2385	4 Jul 202404:15	–	cve
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (July 1, 2024 to July 7, 2024)	11 Jul 202415:09	–	wordfence

Nvd

Node

livemeshelementor addons_for_elementorRange≤8.3.7wordpress

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/0aa3ec9b-80d5-4e31-8045-43c8d151cab8
plugins	www.plugins.trac.wordpress.org/browser/addons-for-elementor/tags/8.3.5/includes/helper-functions.php
plugins	www.plugins.trac.wordpress.org/browser/addons-for-elementor/tags/8.3.5/includes/widgets/heading.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Jul 2024 04:15Current

CVSS38.8

EPSS0.00961