CVE-2024-1358 - Vulnerability Details - OpenCVE

The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to include the contents of arbitrary PHP files on the server, which may expose sensitive information.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Webtechstreet	Elementor Addon Elements

Configuration 1 [-]

cpe:2.3:a:webtechstreet:elementor_addon_elements:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89
https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve

History

Fri, 17 Jan 2025 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Webtechstreet Webtechstreet elementor Addon Elements
Weaknesses		CWE-22
CPEs		cpe:2.3:a:webtechstreet:elementor_addon_elements::::::wordpress::*
Vendors & Products		Webtechstreet Webtechstreet elementor Addon Elements

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-03-13T15:26:37.292Z

Updated: 2024-08-08T20:19:03.701Z

Reserved: 2024-02-08T18:18:46.714Z

Link: CVE-2024-1358

Vulnrichment

Updated: 2024-08-01T18:33:25.444Z

NVD

Status : Analyzed

Published: 2024-03-13T16:15:19.870

Modified: 2025-01-17T19:52:41.687

Link: CVE-2024-1358

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1358", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-02-08T18:18:46.714Z", "datePublished": "2024-03-13T15:26:37.292Z", "dateUpdated": "2024-08-08T20:19:03.701Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-03-13T15:26:37.292Z"}, "affected": [{"vendor": "webtechstreet", "product": "Elementor Addon Elements", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "1.12.12", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to include the contents of arbitrary PHP files on the server, which may expose sensitive information."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php"}, {"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "wesley"}], "timeline": [{"time": "2024-02-21T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:33:25.444Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "wpvibes", "product": "anywhere_elementor", "cpes": ["cpe:2.3:a:wpvibes:anywhere_elementor:*:*:*:*:*:wordpress:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.12.12", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-03-13T20:07:35.647535Z", "id": "CVE-2024-1358", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-08T20:19:03.701Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:33:25.444Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1358", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-03-13T20:07:35.647535Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:wpvibes:anywhere_elementor:*:*:*:*:*:wordpress:*:*"], "vendor": "wpvibes", "product": "anywhere_elementor", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.12.12"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-08T20:18:59.991Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "wesley"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "webtechstreet", "product": "Elementor Addon Elements", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.12.12"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-02-21T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php"}, {"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89"}], "descriptions": [{"lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to include the contents of arbitrary PHP files on the server, which may expose sensitive information."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-03-13T15:26:37.292Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1358", "state": "PUBLISHED", "dateUpdated": "2024-08-08T20:19:03.701Z", "dateReserved": "2024-02-08T18:18:46.714Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-03-13T15:26:37.292Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webtechstreet:elementor_addon_elements:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "A7CA62DB-FA1A-4082-A265-E544B1E05957", "versionEndExcluding": "1.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to include the contents of arbitrary PHP files on the server, which may expose sensitive information."}, {"lang": "es", "value": "El complemento Elementor Addon Elements para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 1.12.12 incluida a trav\u00e9s de la funci\u00f3n de renderizado. Esto hace posible que atacantes autenticados, con acceso de colaborador o superior, incluyan el contenido de archivos PHP arbitrarios en el servidor, lo que puede exponer informaci\u00f3n confidencial."}], "id": "CVE-2024-1358", "lastModified": "2025-01-17T19:52:41.687", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-13T16:15:19.870", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}