CVE-2024-37437 Information

Description

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Elementor Elementor Website Builder allows Cross-Site Scripting (XSS) Stored XSS.This issue affects Elementor Website Builder: from n/a through 3.22.1.

Reference

https://patchstack.com/database/vulnerability/elementor/wordpress-elementor-website-builder-more-than-just-a-page-builder-plugin-3-22-1-arbitrary-file-download-vulnerability?_s_id=cve