CVE-2024-9935

HIGH NUCLEI

PDF Generator Addon - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 5 public exploits for CVE-2024-9935. PoCs published by iSee857, verylazytech, RandomRobbieBF. A Nuclei detection template is also available.

AI-analyzed exploit summary The repository contains functional exploit code for multiple CVEs, including CVE-2026-22812, which demonstrates a command execution vulnerability in OpenCode. The PoC sends crafted requests to exploit the vulnerability and verify command execution via the 'id' command.

Description

The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.0.0 via the rtw_pgaepb_dwnld_pdf() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. CVE-2025-24569 may be a duplicate of this issue.

Exploits (5)

github WORKING POC 40 stars
by iSee857 · pythonpoc
https://github.com/iSee857/CVE-PoC/tree/main/WordPress(CVE-2024-9935).py

The repository contains functional exploit code for multiple CVEs, including CVE-2026-22812, which demonstrates a command execution vulnerability in OpenCode. The PoC sends crafted requests to exploit the vulnerability and verify command execution via the 'id' command.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: OpenCode (version not specified)
No auth needed
Prerequisites: Network access to the target · OpenCode service running
devstral-2 · analyzed Feb 27, 2026 Full analysis →
nomisec WORKING POC 7 stars
by verylazytech · poc
https://github.com/verylazytech/CVE-2024-9935

This repository contains a functional proof-of-concept exploit for CVE-2024-9935, an unauthenticated arbitrary file download vulnerability in the PDF Generator Addon for Elementor Page Builder plugin for WordPress. The exploit leverages a path traversal flaw in the rtw_pgaepb_dwnld_pdf() function to read arbitrary files on the server.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: PDF Generator Addon for Elementor Page Builder <= 1.7.5
No auth needed
Prerequisites: Target must have the vulnerable plugin installed and accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 2 stars
by RandomRobbieBF · poc
https://github.com/RandomRobbieBF/CVE-2024-9935

This PoC demonstrates an unauthenticated arbitrary file download vulnerability in the PDF Generator Addon for Elementor Page Builder plugin for WordPress. The vulnerability is exploited via a path traversal attack in the rtw_pgaepb_dwnld_pdf() function, allowing attackers to read sensitive files on the server.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: PDF Generator Addon for Elementor Page Builder <= 1.7.5
No auth needed
Prerequisites: Target must have the vulnerable plugin installed and active
devstral-2 · analyzed Feb 16, 2026 Full analysis →
github WORKING POC
by Boshe99 · pythonpoc
https://github.com/Boshe99/CVE-Exploits/tree/main/CVE-2024-9935

The repository contains functional exploit code for CVE-2024-9935, targeting an arbitrary file upload vulnerability in the WordPress Plugin 3DPrint Lite 1.9.1.4. The exploit demonstrates the ability to upload a malicious file to a vulnerable target.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: WordPress Plugin 3DPrint Lite 1.9.1.4
No auth needed
Prerequisites: Target URL · Path to the file to be uploaded
devstral-2 · analyzed Feb 27, 2026 Full analysis →
nomisec WORKING POC
by Nxploited · poc
https://github.com/Nxploited/CVE-2024-9935

This PoC exploits an unauthenticated arbitrary file download vulnerability in the PDF Generator Addon for Elementor Page Builder plugin (version <= 1.7.5). It first checks the plugin version via a README.txt file and then attempts to read /etc/passwd using a path traversal attack.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: PDF Generator Addon for Elementor Page Builder <= 1.7.5
No auth needed
Prerequisites: Target must have the vulnerable plugin installed and accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

PDF Generator Addon for Elementor Page Builder <= 1.7.5 - Arbitrary File Download
HIGHVERIFIEDby s4e-io
FOFA: body="wp-content/plugins/pdf-generator-addon-for-elementor-page-builder/"

References (3)

Core 3

Scores

CVSS v3 7.5
EPSS 0.9382
EPSS Percentile 99.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-22
Status published
Products (2)
redefiningtheweb/PDF Generator Addon for Elementor Page Builder < 1.7.5
redefiningtheweb/PDF Generator for WordPress Elementor < 2.0.0
Published Nov 16, 2024
Tracked Since Feb 18, 2026