CVE-2024-3500

The ElementsKit Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.0 via the Price Menu, Hotspot, and Advanced Toggle widgets. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute...

CVE-2024-3500

The ElementsKit Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.0 via the Price Menu, Hotspot, and Advanced Toggle widgets. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute...

PT-2024-26287 · WordPress · Elementskit Pro

Name of the Vulnerable Software and Affected Versions: ElementsKit Pro plugin for WordPress versions up to, and including, 3.6.0 Description: The issue allows authenticated attackers with contributor-level access and above to include and execute arbitrary files on the server. This can be used to...

WordPress Plugin ElementsKit Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress ElementsKit Pro plugin <= 3.6.0 - Authenticated (Contributor+) Local File Inclusion via Price Menu, Hotspot, and Advanced Toggle Widgets vulnerability

Authenticated Contributor+ Local File Inclusion via Price Menu, Hotspot, and Advanced Toggle Widgets vulnerability discovered by Webbernaut in WordPress Plugin ElementsKit Pro versions = 3.6.0...