CVE-2024-43281

{"id": "CVE-2024-43281", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.6}]}, "published": "2024-08-19T18:15:12.707", "references": [{"url": "https://patchstack.com/database/vulnerability/void-elementor-post-grid-addon-for-elementor-page-builder/wordpress-void-elementor-post-grid-addon-for-elementor-page-builder-plugin-2-3-local-file-inclusion-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in VOID CODERS Void Elementor Post Grid Addon for Elementor Page builder allows PHP Local File Inclusion.This issue affects Void Elementor Post Grid Addon for Elementor Page builder: from n/a through 2.3."}, {"lang": "es", "value": "Limitaci\u00f3n inadecuada de una vulnerabilidad de nombre de ruta a un directorio restringido (\"Path Traversal\") en VOID CODERS El complemento Void Elementor Post Grid para Elementor Page Builder permite la inclusi\u00f3n de archivos locales en PHP. Este problema afecta el complemento Void Elementor Post Grid para Elementor Page Builder: desde n/ a hasta 2.3."}], "lastModified": "2024-08-19T18:36:07.297", "sourceIdentifier": "audit@patchstack.com"}