5 matches found
CVE-2024-5153
The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.15 via the 'dropzonehash' parameter. This makes it possible for unauthenticated attackers to copy the contents of arbitrary files on the server, which can contain...
CVE-2024-5153 Startklar Elementor Addons <= 1.7.15 - Unauthenticated Path Traversal to Arbitrary Directory Deletion
The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.15 via the 'dropzonehash' parameter. This makes it possible for unauthenticated attackers to copy the contents of arbitrary files on the server, which can contain...
CVE-2024-5153 Startklar Elementor Addons <= 1.7.15 - Unauthenticated Path Traversal to Arbitrary Directory Deletion
The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.15 via the 'dropzonehash' parameter. This makes it possible for unauthenticated attackers to copy the contents of arbitrary files on the server, which can contain...
CVE-2024-5153
The CVE CVE-2024-5153 affects Startklar Elementor Addons for WordPress. A directory traversal flaw, exploitable via the dropzone_hash parameter, exists in every version up to 1.7.15. Exploitation does not require authentication and can allow an attacker to copy arbitrary files from the server and...
WordPress Startklar Elementor Addons Plugin <= 1.7.15 is vulnerable to Arbitrary File Deletion
Software Startklar Elementor Addons Type Plugin Vulnerable versions = 1.7.15 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-5153 Patch priority High CVSS severity High 9.1 Developer Claim ownership PSID ac59d6e1fb44 Credits stealthcopter...