CVE-2024-37420

Name of the Vulnerable Software and Affected Versions Zita Elementor Site Library versions 1.6.1 and earlier

Description The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. This could be exploited by uploading malicious files.

Recommendations For versions 1.6.1 and earlier, update to a version later than 1.6.1 to resolve the issue. As a temporary workaround, consider restricting file uploads to only necessary and safe file types until a patch is available. Restrict access to the file upload functionality to minimize the risk of exploitation.