Platform: wordpress
Component: addons-for-elementor
Fixed in: 8.3.8
CVE-2024-2385 is a Local File Inclusion (LFI) vulnerability discovered in Elementor Addons by Livemesh, a WordPress plugin. This vulnerability allows authenticated attackers with contributor-level access or higher to include and execute arbitrary files on the server. The vulnerability affects versions up to and including 8.3.7, and a patch is available from the vendor. Promptly updating the plugin is crucial to prevent exploitation.
The impact of CVE-2024-2385 is significant due to the potential for remote code execution (RCE). An attacker who can successfully exploit this vulnerability can include and execute arbitrary PHP code on the server. This could lead to complete compromise of the WordPress site, including data theft, modification of website content, and installation of malicious software. The attacker's ability to execute code allows for extensive lateral movement within the compromised environment, potentially impacting other systems connected to the WordPress server. The blast radius extends to any sensitive data stored on the server or accessible through the WordPress application.
CVE-2024-2385 was publicly disclosed on 2024-07-04. While no active exploitation campaigns have been publicly confirmed, the ease of exploitation and the potential for RCE make it a high-priority vulnerability. Public proof-of-concept (PoC) code is likely to emerge, increasing the risk of exploitation. The vulnerability has been added to the CISA KEV catalog, indicating a heightened level of concern. Monitor security advisories and threat intelligence feeds for updates.
Exploit Status
EPSS: 0.24% (47th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2024-2385 is to immediately upgrade Elementor Addons by Livemesh to a version higher than 8.3.7, as the vendor has released a patch. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider temporarily restricting file uploads and limiting the permissions of WordPress users to the bare minimum required for their tasks. While not a complete solution, implementing a Web Application Firewall (WAF) with rules to block suspicious file inclusion attempts can provide an additional layer of defense. After upgrading, confirm the fix by attempting to trigger the vulnerable endpoint with a crafted payload and verifying that it is blocked.
Update the Elementor Addons by Livemesh plugin to the latest available version. This fixes the local file inclusion vulnerability.
CVE-2024-2385 is a Local File Inclusion vulnerability in Elementor Addons by Livemesh for WordPress, allowing authenticated users to execute arbitrary PHP code.
You are affected if you are using Elementor Addons by Livemesh version 8.3.7 or earlier. Check your plugin version immediately.
Upgrade Elementor Addons by Livemesh to a version higher than 8.3.7. If immediate upgrade isn't possible, restrict file uploads and user permissions.
While no active exploitation campaigns have been confirmed, the vulnerability's ease of exploitation makes it a high-priority risk. Monitor for updates.
Refer to the official Elementor Addons website and WordPress plugin repository for the latest advisory and update information.