Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider 1.6.4

  • Severity: critical
  • Status: Fixed
  • Publication: August 20, 2024

The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, and Woocommerce Slider plugin has a security issue that could allow hackers to access and manipulate the website’s code. This vulnerability is possible through a type of attack called PHP Object Injection. This means that an attacker could inject their own code into the website, potentially giving them access to sensitive information or the ability to delete files. This vulnerability affects versions up to and including 1.6.4 of the plugin. It’s important to note that this plugin does not have a built-in defense against this kind of attack. If the website also has other plugins or themes that have a similar vulnerability, the attack could be even more severe.

Detected in:

Ultimate Store Kit – Addon For WooCommerce, EDD and Elementor fixed vulnerable versions:
Ultimate Store Kit – Elementor powered WooCommerce Builder, 80+ Widgets and Template Builder fixed vulnerable versions: >= * <= 1.6.4

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.