CVE-2023-37390

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 19, 2023

Updated: Dec 28, 2023

CWE ID 502

Summary

CVE-2023-37390 is a deserialization vulnerability affecting Themesflat Addons For Elementor. The issue occurs when untrusted data is deserialized, potentially leading to arbitrary code execution. This vulnerability can be exploited by an attacker to gain control over an affected system. Themesflat Addons For Elementor versions from n/a through 2.0.0 are affected by this issue. Users are advised to update to the latest version to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r4rEIV
https://www.cve.org/CVERecord?id=CVE-2023-37390
https://nvd.nist.gov/vuln/detail/CVE-2023-37390

Back to Vulnerability Database

CVE-2023-37390

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations