CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2024-49271

CVSS 9.1v3.1pub. 2024-10-16upd. 2026-04-23

Deserialization of Untrusted Data vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) unlimited-elements-for-elementor allows Command Injection.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through <= 1.5.121.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Unlimited Elements For Elementor

    APP
    Unlimited-Elements
    < 1.5.122
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Deserialization
CWE
References

Related vulnerabilities

CVE-2023-33930CRITICAL9.1PL ✓ten sam produkt

Nieograniczony upload plików w wtyczce Unlimited Elements For Elementor

CVE-2023-31090CRITICAL9.9PL ✓ten sam produkt

Unrestricted File Upload umożliwiający Web Shell w pluginie Unlimited Elements For Elementor

CVE-2023-31231CRITICAL9.9PL ✓ten sam produkt

Unrestricted File Upload w wtyczce Unlimited Elements For Elementor

CVE-2024-45454HIGH7.1ten sam produkt

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unlimite...

CVE-2023-31080HIGH8.3ten sam produkt

Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addo...