cleantalk
Vulnerabilities and Security Researches

Widgets for WooCommerce Products on Elementor, CVE-2024-43271

CVE, Research URL

CVE-2024-43271

Home page URL

Security reports for Widgets for WooCommerce Products on Elementor

Application

Widgets for WooCommerce Products on Elementor

Published on
Aug 19, 2024
Research Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themelocation Woo Products Widgets For Elementor allows PHP Local File Inclusion.This issue affects Woo Products Widgets For Elementor: from n/a through 2.0.0.
Affected versions
Min -, max 2.0.4.
Status
vulnerable
Previous vulnerability researches
Widgets for WooCommerce Products on Elementor (CVE-2024-43271) , Aug 16, 2024
Widgets for WooCommerce Products on Elementor (CVE-2022-4661) , Jun 07, 2024
Widgets for WooCommerce Products on Elementor (00cc31a32724c453706e038aef15abaef0730a3d) , Jun 07, 2024
New vulnerability
Back Button Widget (CVE-2025-48252) , May 21, 2025
Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China (CVE-2025-48243) , May 21, 2025
Free Shipping Amount Label & Progress Bar for WooCommerce (CVE-2025-48253) , May 21, 2025
WordPress Gallery Plugin – NextGEN Gallery (CVE-2024-5878) , May 21, 2025
Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin (CVE-2025-48247) , May 21, 2025