CVE-2024-2966 in Element Pack Elementor Addons Plugininformação

Sumário

de MITRE • 11/04/2024

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.5.6 via the element_pack_ajax_search function. This makes it possible for unauthenticated attackers to extract sensitive data including password protected post details.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

Wordfence

Reservar

26/03/2024

Divulgação

11/04/2024

Moderação

aceite

Entrada

VDB-260387

CPE

pronto

CWE

CWE-200 (confirmado)

CVSS

7.5 (NVD)

EPSS

0.00642

KEV

não

Atividades

muito baixo

Sector

Hostingprovider

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-2966
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-2966
CVE Details	https://www.cvedetails.com/cve/CVE-2024-2966/

◂ Voltar Visão Geral Próximo ▸

Want to know what is going to be exploited?

We predict KEV entries!