Path Traversal Vulnerability Affects Consulting Elementor Widgets
CVE-2024-37089
9.8CRITICAL
What is CVE-2024-37089?
A Path Traversal vulnerability exists in the Consulting Elementor Widgets developed by StylemixThemes, which allows unauthorized attackers to exploit a limitation in pathname restrictions. This weakness can lead to PHP Local File Inclusion, permitting attackers to access sensitive files on the server. The vulnerability affects all versions up to and including 1.3.0, highlighting the need for immediate updates and patches to safeguard against potential breaches.
Affected Version(s)
Consulting Elementor Widgets <= 1.3.0