CVE-2024-56282

Name of the Vulnerable Software and Affected Versions Elicus WPMozo Addons Lite for Elementor versions 1.1.0 and earlier

Description The issue affects the Elicus WPMozo Addons Lite for Elementor due to improper control of filename for include/require statement in PHP program, allowing PHP Local File Inclusion. This is also known as 'PHP Remote File Inclusion'.

Recommendations For versions 1.1.0 and earlier, update to a version later than 1.1.0 to resolve the issue. As a temporary workaround, consider restricting access to vulnerable include and require statements in PHP programs until a patch is available.