Path Traversal in Webcodingplace Classic Addons – Wpbakery Page Builder

CVE-2024-11952

The Classic Addons – WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP File Inclusion in all versions up to, and including, 3.0 via the 'style' parameter. This makes it possible for authenticated attackers, with…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.009 (54.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2024-11952?
CVE-2024-11952 is a high-severity vulnerability in Webcodingplace Classic Addons – Wpbakery Page Builder, classified under Path Traversal. CVSS score: 7.5/10. Published 2024-12-04.
How severe is CVE-2024-11952?
High severity. CVSS v3 base score is 7.5 out of 10.