CVE-2023-33930

WordPress Unlimited Elements For Elementor plugin <= 1.5.66 - Unrestricted Zip Extraction vulnerability

CVSS 9.1 CRITICALEPSS 0.5%CWE-434

Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Code Injection.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.66.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected products

Unlimited Elements · Unlimited Elements For Elementor (Free Widgets, Addons, Templates)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-66-unrestricted-zip-extraction-vulnerability?_s_id=cve