Path Traversal Vulnerability in Cowidgets – Elementor Addons
CVE-2024-37419

7.5HIGH

Key Information:

Vendor: WordPress
Status: Cowidgets – Elementor Addons
Vendor: CVE Published:; 9 July 2024

What is CVE-2024-37419?

The path traversal vulnerability in Codeless Cowidgets – Elementor Addons allows attackers to exploit improper limitations on file paths. This weakness can enable unauthorized access to sensitive files on the server, which can lead to further exploitation. The issue notably affects versions up to 1.1.1, creating significant security concerns for users utilizing the plugin in their web applications.

Affected Version(s)

Cowidgets – Elementor Addons <= 1.1.1

References

https://patchstack.com/database/vulnerability/cowidgets-e...

vdb-entry

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 9, 2024

CVE-2024-37419 Data

JSON

WordPress

What is CVE-2024-37419?

Affected Version(s)

References

CVSS V3.1

Timeline