CVE-2024-43271

Name of the Vulnerable Software and Affected Versions Woo Products Widgets For Elementor versions n/a through 2.0.0

Description The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability, which allows PHP Local File Inclusion. This vulnerability affects Woo Products Widgets For Elementor, enabling potential attackers to access and include local files, posing a risk to cybersecurity.

Recommendations For Woo Products Widgets For Elementor versions n/a through 2.0.0, consider disabling the vulnerable component until a patch is available. Restrict access to sensitive files and directories to minimize the risk of exploitation. Avoid using vulnerable functions or parameters that may be associated with the Path Traversal issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.