3 matches found
CVE-2024-5348
The Elements For Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.1 via the 'beforeafterlayout' attribute of the beforeafter widget, the 'eventsgridlayout' attribute of the eventsgrid and list widgets, the 'marqueelayout' attribute of th...
WordPress Elements For Elementor Plugin <= 2.1 is vulnerable to Local File Inclusion
Software Elements For Elementor Type Plugin Vulnerable versions = 2.1 Fixed in 2.2 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-5348 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 9e9484637a31 Credits stealthcopter Required privilege...
CVE-2024-5348
The Elements For Elementor plugin (WordPress) is affected by CVE-2024-5348: Local File Inclusion in all versions up to 2.1 via multiple widget attributes (beforeafter_layout, eventsgrid_layout, marquee_layout, postgrid_layout, woocart_layout, woogrid_layout). Authenticated attackers with Contribu...