Elementor Website Builder – More than Just a Page Builder, CVE-2020-7055

CVE, Research URL: CVE-2020-7055
Home page URL: Security reports for Elementor Website Builder – More than Just a Page Builder
Application: Elementor Website Builder – More than Just a Page Builder
Published on: Apr 22, 2020
Research Description: An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive.
Affected versions: max 3.13.2.
Status: vulnerable