4 matches found
CVE-2024-3499
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the generatenavigationmarkup function of the Onepage Scroll module. This makes it possible for authenticated attackers, with contributor-level access and...
CVE-2024-3499
The CVE-2024-3499 entry concerns ElementsKit Elementor addons and Templates Library for WordPress. Impact arises from a Local File Inclusion in the Onepage Scroll module’s generate_navigation_markup function, enabling an authenticated attacker with contributor+ privileges to include and execute a...
CVE-2024-3499 ElementsKit Elementor addons <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Onepage Scroll Module
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the generatenavigationmarkup function of the Onepage Scroll module. This makes it possible for authenticated attackers, with contributor-level access and...
WordPress Elements kit Elementor addons Plugin <= 3.1.0 is vulnerable to Local File Inclusion
Software Elements kit Elementor addons Type Plugin Vulnerable versions = 3.1.0 Fixed in 3.1.1 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-3499 Patch priority Low CVSS severity Low 8.5 Developer Wpmet PSID 43728e112e86 Credits Webbernaut Required privilege Contribut...