Description

Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Code Injection.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.66.

Related CPE's

a

unlimited-elements

unlimited_elements_for_elementor

*

*

*

*

*

wordpress

Vulnerable

References

https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-66-unrestricted-zip-extraction-vulnerability?_s_id=cve

Third Party Advisory

https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-66-unrestricted-zip-extraction-vulnerability?_s_id=cve

Third Party Advisory

Weaknesses

[email protected]

Secondary
CWE-434

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

9.1 · Critical

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-06-04T05:15:42.433Z

1 year ago

Last modified

2025-02-05T14:35:49.303Z

1 year ago