Path Traversal Vulnerability in PDF Generator Addon for Elementor Page Builder by RedefiningTheWeb
CVE-2025-24569

7.5HIGH

Key Information:

Vendor: WordPress
Status: PDF Generator Addon For Elementor Page Builder
Vendor: CVE Published:; 3 February 2025

Summary

A Path Traversal vulnerability exists in the PDF Generator Addon for Elementor Page Builder by RedefiningTheWeb, allowing attackers to exploit improperly limited pathname access to restricted directories. This issue enables unauthorized access to sensitive files on the server, potentially leading to data exposure or further compromise. Affected versions include those up to 1.7.5, and timely updates are crucial to mitigate associated risks.

Affected Version(s)

PDF Generator Addon for Elementor Page Builder <= 1.7.5

References

https://patchstack.com/database/wordpress/plugin/pdf-gene...

vdb-entry

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 3, 2025
Vulnerability Reserved
Jan 23, 2025

Credit

thiennv (Patchstack Alliance)