Manipulating Web Input to File System Calls Vulnerability
CVE-2024-24934
8.1HIGH
What is CVE-2024-24934?
A vulnerability exists in Elementor Website Builder allowing attackers to manipulate web input to execute unauthorized file system calls through improper limitation of a pathname to a restricted directory. This can lead to path traversal attacks, posing security risks for websites using Elementor versions up to 3.19.0. Users of this plugin should be aware of potential exploitation avenues that may compromise their site integrity and data security.
Affected Version(s)
Elementor Website Builder <= 3.19.0