Lucene search
HistoryJun 24, 2024 - 12:15 p.m.
CVE-2024-37089
cve-2024-37089
vulnerability
path traversal
stylemixthemes consulting.
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.8%
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0.
Affected configurations
Node
stylemixthemesconsulting_elementor_widgetsRange<1.3.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| stylemixthemes | consulting_elementor_widgets | * | cpe:2.3:a:stylemixthemes:consulting_elementor_widgets:*:*:*:*:*:wordpress:*:* |
Related
cve
cve
CVE-2024-37089
2024-06-24 12:15:09
vulnrichment
vulnrichment
cvelist
cvelist
wordfence
wordfence
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.8%
Related for NVD:CVE-2024-37089