CVE-2023-33930

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Jun 4, 2024

CWE ID 434

Summary

CVE-2023-33930 is a new vulnerability that affects the Unlimited Elements plugin for Elementor, specifically versions from 1.5.66 and prior. An Unrestricted File Upload vulnerability exists, allowing attackers to upload dangerous file types and potentially inject malicious code. This can lead to serious security implications for websites using this plugin. The issue enables arbitrary code execution and poses a significant threat to websites utilizing the Unlimited Elements plugin. Users are advised to update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rrEk-p
https://www.cve.org/CVERecord?id=CVE-2023-33930
https://nvd.nist.gov/vuln/detail/CVE-2023-33930

Back to Vulnerability Database

CVE-2023-33930

CVSS 3.1 Score 9.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations