Lucene search
HistoryJun 24, 2024 - 12:15 p.m.
CVE-2024-37091
cve-2024-37091
stylemixthemes
consulting elementor widgets
command injection
os command injection
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
20.9%
Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in StylemixThemes Consulting Elementor Widgets allows OS Command Injection.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0.
Affected configurations
Node
stylemixthemesconsulting_elementor_widgetsRange<1.3.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| stylemixthemes | consulting_elementor_widgets | * | cpe:2.3:a:stylemixthemes:consulting_elementor_widgets:*:*:*:*:*:wordpress:*:* |
Related
cve
cve
CVE-2024-37091
2024-06-24 12:15:10
vulnrichment
vulnrichment
cvelist
cvelist
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
20.9%
Related for NVD:CVE-2024-37091