CVE-2023-31231

CRITICAL

Unlimited-elements Unlimited Elements For Elementor < 1.5.66 - Unrestricted File Upload

Title source: rule

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.65.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-65-arbitrary-file-upload-vulnerability?_s_id=cve

Scores

CVSS v3 9.9

EPSS 0.0006

EPSS Percentile 18.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

CWE

CWE-434

Status published

Products (2)

Unlimited Elements/Unlimited Elements For Elementor (Free Widgets, Addons, Templates) < 1.5.65

unlimited-elements/unlimited_elements_for_elementor < 1.5.66

Published Dec 20, 2023

Tracked Since Feb 18, 2026