CVE-2024-49271

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.121 - Remote Code Execution (RCE) vulnerability

Description

Deserialization of Untrusted Data vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) unlimited-elements-for-elementor allows Command Injection.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through <= 1.5.121.

INFO

Published Date :

2024-10-16T12:55:41.399Z

Last Modified :

2026-04-01T15:36:06.354Z

Source :

Patchstack

AFFECTED PRODUCTS

The following products are affected by CVE-2024-49271 vulnerability.

Vendors	Products
Unlimited-elements	Unlimited Elements For Elementor Unlimited Elements For Elementor \(free Widgets\, Addons\, Templates\)

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-49271.

URL	Resource
https://patchstack.com/database/Wordpress/Plugin/unlimited-elements-for-elementor/vulnerability/wordpress-unlimited-elements-for-elementor-free-widgets-addons-templates-plugin-1-5-121-remote-code-execution-rce-vulnerability?_s_id=cve

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact