CVE-2024-10312

Published Oct 29, 2024

Last updated 19 days ago

CVSS medium 4.3

Overview

Description
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.4 via the render function in elements/tabs/tabs.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.
Source
security@wordfence.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
4.3
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Severity
MEDIUM

Weaknesses

security@wordfence.com
CWE-200

Social media

Hype score
Not currently trending

  1. CVE-2024-10312 (Published: 2024-10-29) - A high-severity vulnerability in Wordfence (Defiant Inc.) affects multiple versions. Users are urged to update to the latest version to mitigate risks. For detailed remediation steps, visit: https://t.co/JLBSfsqhaa #CyberSecurity

    @transilienceai

    1 Nov 2024

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 CVE-2024-10312 (Published: 2024-10-29) affects Exclusive Addons for Elementor. This high-severity vulnerability impacts specific versions. Users are urged to update to the latest version immediately to mitigate risks. Stay secure! 🔒 More info: https://t.co/kdCOLAkO5Y… https:/

    @transilienceai

    1 Nov 2024

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 CVE-2024-10312 (Published: 2024-10-29) affects Exclusive Addons for Elementor. This high-severity vulnerability impacts multiple versions. To protect your site, update to the latest version immediately. Stay secure! 🔒 More info: https://t.co/kdCOLAkO5Y #WordPress #Security

    @transilienceai

    1 Nov 2024

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 CVE-2024-10312 (Published: 2024-10-29) - A high-severity vulnerability in Exclusive Addons for Elementor affects multiple versions. Users are urged to update to the latest version immediately to mitigate risks. Stay secure! 🔒 More info: https://t.co/kdCOLAkO5Y #WordPress… htt

    @transilienceai

    1 Nov 2024

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2024-10312 The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.4 via the render fun… https://t.co/8DlWRDmhyy

    @CVEnew

    29 Oct 2024

    416 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References