6 matches found
CVE-2024-11600
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.6.0 via the 'writeconfig' function. This is due to a lack of sanitization on an imported JSON file. This makes it...
CVE-2024-11600
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.6.0 via the 'writeconfig' function. This is due to a lack of sanitization on an imported JSON file. This makes it...
CVE-2024-11600
creationtimestamp| type| source ---|---|--- 2025-01-30 13:46:57+00:00| seen| https://infosec.exchange/users/cve/statuses/113917612335108975 2025-01-30 14:16:24+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxod4lall2t...
CVE-2024-11600 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.0 - Authenticated (Administrator+) Remote Code Execution
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.6.0 via the 'writeconfig' function. This is due to a lack of sanitization on an imported JSON file. This makes it...
CVE-2024-11600
CVE-2024-11600 affects the WordPress plugin Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg (versions up to 1.5.9). The issue is authenticated Remote Code Execution via the write_config function, caused by insufficient sanitization of an imported JSON file, allowin...
CVE-2024-11600 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.0 - Authenticated (Administrator+) Remote Code Execution
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.6.0 via the 'writeconfig' function. This is due to a lack of sanitization on an imported JSON file. This makes it...