CVE-2024-43140: WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.4 - Local File Inclusion vulnerability

Q: What is the severity of CVE-2024-43140?

CVE-2024-43140 has been classified with a high severity level due to its potential for PHP Local File Inclusion.

Q: How do I fix CVE-2024-43140?

To fix CVE-2024-43140, update the Ultimate Bootstrap Elements for Elementor plugin to version 1.4.5 or later.

Q: What software is affected by CVE-2024-43140?

CVE-2024-43140 affects versions of the G5plus Ultimate Bootstrap Elements for Elementor plugin from n/a up to 1.4.4.

Q: What type of vulnerability is CVE-2024-43140?

CVE-2024-43140 is classified as a Path Traversal vulnerability that can lead to Local File Inclusion.

Q: Is CVE-2024-43140 exploitable remotely?

Yes, CVE-2024-43140 can be exploited remotely if the affected plugin is improperly configured.

Published Aug 13, 2024

Updated

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows PHP Local File Inclusion.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.4.

Affected Software

1 affected component

G5plus Ultimate Bootstrap Elements For Elementor Wordpress<1.4.5

Remediation

Information

Update to 1.4.5 or a higher version.

Event History

Aug 13, 2024

CVE Published

via MITRE·11:36 AM

Data Sourced

via MITRE·11:36 AM

RemedyDescriptionSeverityWeakness

Data Sourced

via NVD·12:15 PM

DescriptionSeverityWeakness

Frequently Asked Questions

What is the severity of CVE-2024-43140?

CVE-2024-43140 has been classified with a high severity level due to its potential for PHP Local File Inclusion.

How do I fix CVE-2024-43140?

To fix CVE-2024-43140, update the Ultimate Bootstrap Elements for Elementor plugin to version 1.4.5 or later.

What software is affected by CVE-2024-43140?