TROYANOSYVIRUS
Volver a CVEs

CVE-2023-33930

CRITICAL
9.1

Descripcion

Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Code Injection.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.66.

Detalles CVE

Puntuacion CVSS v3.19.1
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosHIGH
Interaccion usuarioNONE
Publicado6/4/2024
Ultima modificacion2/5/2025
Fuentenvd
Avistamientos honeypot0

Productos afectados

unlimited-elements:unlimited_elements_for_elementor

Debilidades (CWE)

CWE-434

Referencias

https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-66-unrestricted-zip-extraction-vulnerability?_s_id=cve(audit@patchstack.com)
https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-66-unrestricted-zip-extraction-vulnerability?_s_id=cve(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.