2 matches found
CVE-2024-4346
The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.7.13. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to...
WordPress Startklar Elementor Addons Plugin <= 1.7.13 is vulnerable to Arbitrary File Deletion
Software Startklar Elementor Addons Type Plugin Vulnerable versions = 1.7.13 Fixed in 1.7.14 OWASP Top 10 A5: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-4346 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID ae9a780a26b1 Credits István Márton...