PT-2024-30446 · Elementor · Void Elementor Post Grid Addon
João Pedro S Alcântara
·
Published
2024-08-19
·
Updated
2024-08-19
·
CVE-2024-43281
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Void Elementor Post Grid Addon for Elementor Page builder versions prior to 2.3
Description
The issue affects the Void Elementor Post Grid Addon for Elementor Page builder, allowing PHP Local File Inclusion due to a Path Traversal vulnerability. This vulnerability poses risks such as data theft and Remote Code Execution (RCE).
Recommendations
For versions prior to 2.3, update to a version that includes the fix for this issue as soon as possible and check for signs of exploitation. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Void Elementor Post Grid Addon