CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2023-33930

CVSS 9.1v3.1pub. 2024-06-04upd. 2025-02-05

Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Code Injection.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.66.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Unlimited Elements For Elementor

    APP
    Unlimited-Elements
    < 1.5.67
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2024-49271CRITICAL9.1PL ✓ten sam produkt

RCE przez Deserialization w pluginie Unlimited Elements For Elementor

CVE-2023-31090CRITICAL9.9PL ✓ten sam produkt

Unrestricted File Upload umożliwiający Web Shell w pluginie Unlimited Elements For Elementor

CVE-2023-31231CRITICAL9.9PL ✓ten sam produkt

Unrestricted File Upload w wtyczce Unlimited Elements For Elementor

CVE-2024-45454HIGH7.1ten sam produkt

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unlimite...

CVE-2023-31080HIGH8.3ten sam produkt

Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addo...