Path Traversal Vulnerability in PowerPack Lite for Beaver Builder
CVE-2024-37410

7.2HIGH

Key Information:

Vendor: WordPress
Status: Powerpack Lite For Beaver Builder
Vendor: CVE Published:; 9 July 2024

Summary

A Path Traversal vulnerability exists in PowerPack Lite for Beaver Builder, allowing attackers to bypass security restrictions and access files and directories that may be outside of the intended scope. This improper limitation poses serious risks as it can be exploited by malicious users to retrieve sensitive information from the system. The issue affects versions of PowerPack Lite from n/a through 1.3.0.3, necessitating immediate attention from users to mitigate potential threats and protect sensitive data.

Affected Version(s)

PowerPack Lite for Beaver Builder <= 1.3.0.3

References

https://patchstack.com/database/vulnerability/powerpack-a...

vdb-entry

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 9, 2024

Credit

João Pedro Soares de Alcântara - Kinorth (Patchstack Alliance)