Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 6:23 a.m.6 views

CVE-2024-5153

The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.15 via the 'dropzonehash' parameter. This makes it possible for unauthenticated attackers to copy the contents of arbitrary files on the server, which can contain...

9.8CVSS6.9AI score0.01002EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/06 3:53 a.m.20 views

CVE-2024-5153 Startklar Elementor Addons <= 1.7.15 - Unauthenticated Path Traversal to Arbitrary Directory Deletion

The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.15 via the 'dropzonehash' parameter. This makes it possible for unauthenticated attackers to copy the contents of arbitrary files on the server, which can contain...

9.1CVSS7AI score0.01002EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/06 3:53 a.m.24 views

CVE-2024-5153 Startklar Elementor Addons <= 1.7.15 - Unauthenticated Path Traversal to Arbitrary Directory Deletion

The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.15 via the 'dropzonehash' parameter. This makes it possible for unauthenticated attackers to copy the contents of arbitrary files on the server, which can contain...

9.1CVSS9.2AI score0.01002EPSS
Exploits0References2
CVE
CVE
added 2024/06/06 3:53 a.m.61 views

CVE-2024-5153

The CVE CVE-2024-5153 affects Startklar Elementor Addons for WordPress. A directory traversal flaw, exploitable via the dropzone_hash parameter, exists in every version up to 1.7.15. Exploitation does not require authentication and can allow an attacker to copy arbitrary files from the server and...

9.8CVSS9.3AI score0.01002EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.13 views

WordPress Startklar Elementor Addons Plugin <= 1.7.15 is vulnerable to Arbitrary File Deletion

Software Startklar Elementor Addons Type Plugin Vulnerable versions = 1.7.15 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-5153 Patch priority High CVSS severity High 9.1 Developer Claim ownership PSID ac59d6e1fb44 Credits stealthcopter...

9.8CVSS6.5AI score0.01002EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder