CVE-2024-43140

State: PUBLISHED · Published: 2024-08-13 · Updated: 2024-08-13 · Assigner: Patchstack

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows PHP Local File Inclusion.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.4.

CWE

CWE-22 — CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected

G5Theme / Ultimate Bootstrap Elements for Elementor — v=n/a ≤1.4.4 [affected]

CVSS

3.1 score=7.5 severity=HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

https://patchstack.com/database/vulnerability/ultimate-bootstrap-elements-for-elementor/wordpress-ultimate-bootstrap-elements-for-elementor-plugin-1-4-4-local-file-inclusion-vulnerability?_s_id=cve vdb-entry

Source

cvelistV5-main/cves/2024/43xxx/CVE-2024-43140.json