CVE-2024-37479 – WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.8.1 - Contributor+ Local File Inclusion vulnerability
https://notcve.org/view.php?id=CVE-2024-37479
Local File Inclusion vulnerability in LA-Studio LA-Studio Element Kit for Elementor via "LaStudioKit Progress Bar" widget in New Post, specifically in the "progress_type" attribute.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.8.1. Vulnerabilidad de inclusión de archivos locales en LA-Studio LA-Studio Element Kit para Elementor a través del widget "LaStudioKit Progress Bar" en Nueva publicación, específicamente en el atributo "progress_type". Este problema afecta a LA-Studio Element Kit para Elementor: desde n/a hasta 1.3.8.1. The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'progress_type' attribute of the Progress Bar widget. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. • https://patchstack.com/database/vulnerability/lastudio-element-kit/wordpress-la-studio-element-kit-for-elementor-plugin-1-3-8-1-local-file-inclusion-vulnerability?_s_id=cve • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVE-2024-34374 – WordPress ElementsReady Addons for Elementor plugin <= 5.8.0 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-34374
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuomodoSoft ElementsReady Addons for Elementor allows Stored XSS.This issue affects ElementsReady Addons for Elementor: from n/a through 5.8.0. La vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('cross-site Scripting') en QuomodoSoft ElementsReady Addons para Elementor permite almacenar XSS. Este problema afecta a ElementsReady Addons para Elementor: desde n/a hasta 5.8.0. The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/element-ready-lite/wordpress-elementsready-addons-for-elementor-plugin-5-8-0-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-33568 – WordPress Element Pack Pro plugin <= 7.7.4 - Arbitrary File Read and Phar Deserialization vulnerability
https://notcve.org/view.php?id=CVE-2024-33568
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Deserialization of Untrusted Data vulnerability in BdThemes Element Pack Pro allows Path Traversal, Object Injection.This issue affects Element Pack Pro: from n/a through 7.7.4. Limitación inadecuada de un nombre de ruta a un directorio restringido ("Path Traversal"), vulnerabilidad de deserialización de datos no confiables en BdThemes Element Pack Pro permite el Path Traversal, la inyección de objetos. Este problema afecta a Element Pack Pro: desde n/a hasta 7.7.4. The Element Pack Pro - Addon for Elementor Page Builder WordPress Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.7.4. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. • https://patchstack.com/database/vulnerability/bdthemes-element-pack/wordpress-element-pack-pro-plugin-7-7-4-arbitrary-file-read-and-phar-deserialization-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-502: Deserialization of Untrusted Data •
CVE-2024-31208 – Synapse's V2 state resolution weakness allows DoS from remote room members
https://notcve.org/view.php?id=CVE-2024-31208
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate excessive data in the database of such instances, resulting in a denial of service. Servers in private federations, or those that do not federate, are not affected. Server administrators should upgrade to 1.105.1 or later. • https://github.com/element-hq/synapse/commit/55b0aa847a61774b6a3acdc4b177a20dc019f01a https://github.com/element-hq/synapse/releases/tag/v1.105.1 https://github.com/element-hq/synapse/security/advisories/GHSA-3h7q-rfh9-xm4v https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6FCCO4ODTZ3FDS7TMW76PKOSEL2TQVB https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RR53FNHV446CB37TP45GZ6F6HZLZCK3K https://lists.fedoraproject.org/archives/list/package-announce@lists. • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-30496 – WordPress Element Pack Lite plugin <= 5.5.3 - SQL Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-30496
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BdThemes Element Pack Elementor Addons.This issue affects Element Pack Elementor Addons: from n/a through 5.5.3. Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ("Inyección SQL") en el complemento Element Pack Elementor Addons de BdThemes para WordPress. Este problema afecta a Element Pack Elementor Addons: desde n/a hasta 5.5.3. The Element Pack Elementor Addons plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 5.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://patchstack.com/database/vulnerability/bdthemes-element-pack-lite/wordpress-element-pack-lite-plugin-5-5-3-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •