Arbitrary File Inclusion Vulnerability in ElementsKit Pro Plugin for WordPress
CVE-2024-3500
Summary
The ElementsKit Pro plugin for WordPress, developed by WPMet, is vulnerable to Local File Inclusion (LFI) in all versions up to and including 3.6.0. The flaw is reachable through several widgets, among them Price Menu, Hotspot, and Advanced Toggle, whose settings are used to select a file that the plugin then includes. Authenticated attackers with Contributor-level access or higher can therefore cause arbitrary files on the server to be included and executed, running any PHP code those files contain. This can be used to bypass access controls, read sensitive data, or achieve remote code execution where the attacker can first upload a nominally 'safe' file type such as an image that carries PHP code and then point the widget at it; PHP executes the code it finds in an included file regardless of the file's extension.
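The following is an added illustration of the vulnerable-include pattern behind this class of WordPress widget bug, placed beside a hardened version. It is not ElementsKit Pro's code and does not reproduce the affected widgets; the setting name `layout_style`, the `templates/` directory, the allowlist values and the `ek_demo_*` function names are all assumptions made for the example.

```php
<?php
// Added example, not ElementsKit Pro's code. Demonstrates how a widget
// setting controlled by a Contributor turns into Local File Inclusion, and
// how to close it. 'layout_style', 'templates/' and EK_DEMO_LAYOUTS are
// assumed names for this illustration.

// --- Vulnerable pattern: the saved widget setting flows straight into include ---
function ek_demo_render_vulnerable(array $settings): void
{
    // Anyone who can edit a post can save an arbitrary string here.
    $style = $settings['layout_style'] ?? 'default';

    // A value such as '../../../../uploads/2024/04/avatar.png' traverses out of
    // templates/; the trailing '.php' is defeated if the attacker can upload a
    // file whose name already ends in .php, or the upload can be named to match.
    // Either way PHP executes any <?php ... ?> tags in the included file,
    // whatever its extension, so a PHP-bearing "image" becomes code execution.
    include __DIR__ . '/templates/' . $style . '.php';
}

// --- Hardened pattern: allowlist the selectable value, never filter the path ---
const EK_DEMO_LAYOUTS = ['default', 'compact', 'boxed'];

/**
 * Map a user-supplied layout name to a template path, or null if it is not
 * one of the known layouts. The allowlist is the real control; the realpath
 * check is defense in depth against a future mistake in the allowlist.
 */
function ek_demo_resolve_template(string $style): ?string
{
    if (!in_array($style, EK_DEMO_LAYOUTS, true)) {
        return null; // unknown value: refuse it rather than trying to "sanitize" it
    }

    $base = realpath(__DIR__ . '/templates');
    $path = realpath(__DIR__ . '/templates/' . $style . '.php');

    // The resolved file must exist and still sit inside templates/.
    if ($base === false || $path === false || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

function ek_demo_render_hardened(array $settings): void
{
    $path = ek_demo_resolve_template((string) ($settings['layout_style'] ?? 'default'));
    if ($path === null) {
        echo '<!-- invalid layout -->';
        return;
    }
    include $path;
}

// Constructed sample input resembling a traversal attempt saved in widget settings.
$attackerSettings = ['layout_style' => '../../../../uploads/2024/04/avatar'];

// The hardened resolver rejects it before any filesystem access is attempted.
var_dump(ek_demo_resolve_template($attackerSettings['layout_style'])); // NULL
```

The point of the hardened version is that the user-supplied value is only ever compared against a fixed list and is never used to build the path until it has matched; stripping `../` or checking for a `.php` suffix would not be enough, since the attacker controls both the file name and its contents once they can upload.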
Affected Version(s)
ElementsKit Pro, all versions <= 3.6.0