CVE-2024-43281

MEDIUM

VOID CODERS Void Elementor Post Grid Addon - Path Traversal

Title source: llm

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in VOID CODERS Void Elementor Post Grid Addon for Elementor Page builder allows PHP Local File Inclusion.This issue affects Void Elementor Post Grid Addon for Elementor Page builder: from n/a through 2.3.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/void-elementor-post-grid-addon-for-elementor-page-builder/wordpress-void-elementor-post-grid-addon-for-elementor-page-builder-plugin-2-3-local-file-inclusion-vulnerability?_s_id=cve

Scores

CVSS v3 5.3

EPSS 0.0048

EPSS Percentile 37.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (1)

VOID CODERS/Void Elementor Post Grid Addon for Elementor Page builder < 2.3

Published Aug 19, 2024

Tracked Since Feb 18, 2026