Search criteria
2 vulnerabilities found for Classic Addons – WPBakery Page Builder by webcodingplace
CVE-2024-11952 (GCVE-0-2024-11952)
Vulnerability from cvelistv5 – Published: 2024-12-04 08:22 – Updated: 2024-12-04 14:53
VLAI?
Summary
The Classic Addons – WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP File Inclusion in all versions up to, and including, 3.0 via the 'style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, and permissions granted by an Administrator, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. The vulnerability is limited to PHP files in a Windows environment.
Severity ?
7.5 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| webcodingplace | Classic Addons – WPBakery Page Builder |
Affected:
* , ≤ 3.0
(semver)
|
Credits
Nir KUM
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:webcodingplace:classic_addons_wp_bakery_page_builder_plugin_for_wordpress:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "classic_addons_wp_bakery_page_builder_plugin_for_wordpress",
"vendor": "webcodingplace",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11952",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:50:19.444374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T14:53:16.903Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Classic Addons \u2013 WPBakery Page Builder",
"vendor": "webcodingplace",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nir KUM"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Classic Addons \u2013 WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP File Inclusion in all versions up to, and including, 3.0 via the \u0027style\u0027 parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, and permissions granted by an Administrator, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included. The vulnerability is limited to PHP files in a Windows environment."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T08:22:46.454Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9645b17e-6a7c-4cdd-ae43-7d2c84b624cc?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/classic-addons-wpbakery-page-builder-addons/tags/3.1/addons/testimonial-slider-item/testimonial-slider-item.php#L28"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-03T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Classic Addons \u2013 WPBakery Page Builder \u003c= 3.0 - Authenticated (Contributor+) Limited Local PHP File Inclusion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-11952",
"datePublished": "2024-12-04T08:22:46.454Z",
"dateReserved": "2024-11-28T00:01:18.610Z",
"dateUpdated": "2024-12-04T14:53:16.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11952 (GCVE-0-2024-11952)
Vulnerability from nvd – Published: 2024-12-04 08:22 – Updated: 2024-12-04 14:53
VLAI?
Summary
The Classic Addons – WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP File Inclusion in all versions up to, and including, 3.0 via the 'style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, and permissions granted by an Administrator, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. The vulnerability is limited to PHP files in a Windows environment.
Severity ?
7.5 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| webcodingplace | Classic Addons – WPBakery Page Builder |
Affected:
* , ≤ 3.0
(semver)
|
Credits
Nir KUM
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:webcodingplace:classic_addons_wp_bakery_page_builder_plugin_for_wordpress:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "classic_addons_wp_bakery_page_builder_plugin_for_wordpress",
"vendor": "webcodingplace",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11952",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:50:19.444374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T14:53:16.903Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Classic Addons \u2013 WPBakery Page Builder",
"vendor": "webcodingplace",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nir KUM"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Classic Addons \u2013 WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP File Inclusion in all versions up to, and including, 3.0 via the \u0027style\u0027 parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, and permissions granted by an Administrator, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included. The vulnerability is limited to PHP files in a Windows environment."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T08:22:46.454Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9645b17e-6a7c-4cdd-ae43-7d2c84b624cc?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/classic-addons-wpbakery-page-builder-addons/tags/3.1/addons/testimonial-slider-item/testimonial-slider-item.php#L28"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-03T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Classic Addons \u2013 WPBakery Page Builder \u003c= 3.0 - Authenticated (Contributor+) Limited Local PHP File Inclusion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-11952",
"datePublished": "2024-12-04T08:22:46.454Z",
"dateReserved": "2024-11-28T00:01:18.610Z",
"dateUpdated": "2024-12-04T14:53:16.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}