CVE-2024-37462

State: PUBLISHED · Published: 2024-07-09 · Updated: 2024-08-02 · Assigner: Patchstack

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows Path Traversal.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.2.

CWE

CWE-22 — CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected

G5Theme / Ultimate Bootstrap Elements for Elementor — v=n/a ≤1.4.2 [affected]

CVSS

3.1 score=8.5 severity=HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

References

https://patchstack.com/database/vulnerability/ultimate-bootstrap-elements-for-elementor/wordpress-ultimate-bootstrap-elements-for-elementor-plugin-1-4-2-local-file-inclusion-vulnerability?_s_id=cve vdb-entry

Source

cvelistV5-main/cves/2024/37xxx/CVE-2024-37462.json