First published: Tue Jul 09 2024(Updated: )
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons allows Path Traversal.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through 2.1.12.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Radiustheme Shopbuilder Wordpress | <2.1.13 |
Update to 2.1.13 or a higher version.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2024-37520 has not been explicitly rated, but it involves a Path Traversal vulnerability which can lead to unauthorized file access.
To fix CVE-2024-37520, you should upgrade the RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons to version 2.1.13 or later.
CVE-2024-37520 affects the RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons from versions n/a through 2.1.12.
Path Traversal in the context of CVE-2024-37520 refers to the vulnerability that allows an attacker to access files and directories outside the intended directory.
As of now, there is no public exploit available for CVE-2024-37520, but its existence poses a risk if the vulnerable version is still in use.