Lucene search
WpvulndbWPVDB-ID:4D7DFCC6-8C32-4E0D-B3BB-7E2685916E2BHistoryFeb 09, 2024 - 12:00 a.m.
Elementor < 3.19.1 - Authenticated(Contributor+) Arbitrary File Deletion and PHAR Deserialization
2024-02-0900:00:00
wpscan.com
27
elementor
wordpress
arbitrary file deletions
phar deserialization
authenticated attackers
contributor-level access
remote code execution
Description The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to arbitrary file deletions and PHAR deserialization in version up to, and including 3.19.0. This is due to the plugin not providing sufficient path validation on the ‘tmp_name’ parameter . This makes it possible for authenticated attackers, with contributor-level access and above, to delete arbitrary files and inject PHP Objects through the use of a phar wrapper, both of which can lead to remote code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 3.19.1 |
Related
cvelist
cvelist
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-24934
2024-05-17 09:15:25
cve
cve
CVE-2024-24934
2024-05-17 09:15:25
wordfence
wordfence
7.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.6%
Related for WPVDB-ID:4D7DFCC6-8C32-4E0D-B3BB-7E2685916E2B