VYPR
Unrated severityNVD Advisory· Published Jun 24, 2024· Updated Apr 28, 2026

WordPress Consulting Elementor Widgets plugin <= 1.3.0 - Remote Code Execution (RCE) vulnerability

CVE-2024-37091

Description

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in StylemixThemes Consulting Elementor Widgets, StylemixThemes Masterstudy Elementor Widgets allows OS Command Injection.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0; Masterstudy Elementor Widgets: from n/a through 1.2.2.

Affected products

4

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.