CVE-2024-33541

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in BetterAddons Better Elementor Addons allows PHP Local File Inclusion.This issue affects Better Elementor Addons: from n/a through 1.4.1.

CVSS v3.0 6.5 MEDIUM

6.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://patchstack.com/database/vulnerability/better-elementor-addons/wordpress-better-elementor-addons-plugin-1-4-1-local-file-inclusion-vulnerability?_s_id=cve	Third Party Advisory
https://patchstack.com/database/vulnerability/better-elementor-addons/wordpress-better-elementor-addons-plugin-1-4-1-local-file-inclusion-vulnerability?_s_id=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:kitforest:better_elementor_addons:*:*:*:*:*:wordpress:*:*

History

06 Mar 2025, 14:25

Type	Values Removed	Values Added
References	~~() https://patchstack.com/database/vulnerability/better-elementor-addons/wordpress-better-elementor-addons-plugin-1-4-1-local-file-inclusion-vulnerability?_s_id=cve -~~	() https://patchstack.com/database/vulnerability/better-elementor-addons/wordpress-better-elementor-addons-plugin-1-4-1-local-file-inclusion-vulnerability?_s_id=cve - Third Party Advisory
CWE	~~CWE-22~~
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
First Time		Kitforest Kitforest better Elementor Addons
CPE		cpe:2.3:a:kitforest:better_elementor_addons::::::wordpress::*

04 Jun 2024, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-04 13:15

Updated : 2025-03-06 14:25

NVD link : CVE-2024-33541

Mitre link : CVE-2024-33541

JSON object : View

Products Affected

kitforest

better_elementor_addons

CWE

No CWE.

6.5 /10