CVE-2024-33541

6.5 MEDIUM

📋 TL;DR

A path traversal flaw in the Better Elementor Addons WordPress plugin lets attackers read arbitrary files on the server. It affects every WordPress site running any version of the plugin up to and including 1.4.1. Exposed files can include configuration files and source code.

💻 Affected Systems

Products:
  • Better Elementor Addons WordPress Plugin
Versions: All versions up to and including 1.4.1
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects WordPress installations with the Better Elementor Addons plugin installed and activated.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete server compromise. Reading sensitive configuration files (such as wp-config.php, which holds the database credentials) leads to database access and potentially remote code execution.

🟠 Likely Case: Information disclosure of sensitive files, potentially exposing database credentials, user data, or other configuration secrets.

🟢 If Mitigated: Limited impact if strict file permissions restrict access to sensitive files and the web server runs with minimal privileges.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Path traversal vulnerabilities are typically easy to exploit with simple HTTP requests.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.4.2 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/better-elementor-addons/wordpress-better-elementor-addons-plugin-1-4-1-local-file-inclusion-vulnerability

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Go to Plugins → Installed Plugins.
3. Find 'Better Elementor Addons'.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 1.4.2 or later from WordPress.org and update manually.

🔧 Temporary Workarounds

Disable Plugin (applies to: all)

Temporarily disable the vulnerable plugin until it is patched.

Web Application Firewall Rule (applies to: all)

Block requests containing path traversal patterns to the plugin endpoints.

🧯 If You Can't Patch

  • Remove or disable the Better Elementor Addons plugin immediately
  • Implement strict file permissions (chmod 600 for sensitive files, web server running as non-privileged user)

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Better Elementor Addons → Version. If version is 1.4.1 or lower, you are vulnerable.

Check Version:

wp plugin list --name=better-elementor-addons --field=version

Verify Fix Applied:

After updating, verify plugin version shows 1.4.2 or higher in WordPress admin panel.
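The version check above is easy to get wrong when scripted across many sites, because a plain string comparison ranks "1.10.0" below "1.4.2". The following is an added example (not plugin, wp-cli or Patchstack code) that wraps the wp-cli command shown in this section and compares versions numerically against 1.4.2, the first patched release named in this advisory. The `wp` invocation assumes wp-cli is installed and that `--path` points at the WordPress root; the inventory dictionary is constructed for illustration.

```python
"""Check whether an installed Better Elementor Addons version is affected by CVE-2024-33541.

Added example for this advisory; not code from the plugin, wp-cli or Patchstack.
"""
from __future__ import annotations

import re
import subprocess

FIXED_VERSION = "1.4.2"            # first patched release per this advisory
PLUGIN_SLUG = "better-elementor-addons"


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '1.4.1' into (1, 4, 1). Missing components are padded with zeros
    so that '1.4' compares equal to '1.4.0' rather than sorting oddly."""
    nums = [int(part) for part in re.findall(r"\d+", text.strip())]
    if not nums:
        raise ValueError(f"no numeric version found in {text!r}")
    return tuple(nums + [0] * (3 - len(nums)))


def is_affected(installed: str) -> bool:
    """Versions strictly below 1.4.2 are affected (all releases up to 1.4.1)."""
    return parse_version(installed) < parse_version(FIXED_VERSION)


def installed_version(wp_path: str = "/var/www/html") -> str | None:
    """Run the wp-cli command from this advisory and return the reported version.

    Assumes wp-cli is on PATH; returns None when the plugin is not installed
    (wp-cli prints nothing for a slug that matches no plugin).
    """
    result = subprocess.run(
        ["wp", "plugin", "list", f"--name={PLUGIN_SLUG}", "--field=version",
         f"--path={wp_path}"],
        capture_output=True, text=True, check=False,
    )
    version = result.stdout.strip()
    return version or None


# Constructed inventory (hypothetical hostnames -> reported plugin versions)
# so the triage logic can be exercised offline without wp-cli.
SAMPLE_INVENTORY = {
    "shop.example": "1.4.1",
    "blog.example": "1.4.2",
    "docs.example": "1.10.0",   # would be flagged by a naive string compare
    "old.example": "1.3",
}


def affected_sites(inventory: dict[str, str]) -> list[str]:
    """Return the hostnames whose reported version is still affected."""
    return sorted(site for site, version in inventory.items() if is_affected(version))


if __name__ == "__main__":
    for site in affected_sites(SAMPLE_INVENTORY):
        print(f"{site}: {SAMPLE_INVENTORY[site]} -> update to {FIXED_VERSION} or later")
```

On a live host, `is_affected(installed_version("/path/to/wordpress"))` gives the same answer as reading the version from the admin panel; a `None` result means the plugin is not installed there at all.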

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to /wp-content/plugins/better-elementor-addons/ with ../ patterns
  • Unusual file access patterns in web server logs

Network Indicators:

  • HTTP requests containing path traversal sequences (../, ..\, %2e%2e%2f) to plugin endpoints

SIEM Query:

web.url:*better-elementor-addons* AND (web.url:*..%2f* OR web.url:*..\\* OR web.url:*%2e%2e%2f* OR web.url:*../*)

In Lucene-style query syntax a single backslash escapes the following character, so `*..\*` would match a literal asterisk; the backslash must be doubled to match `..\`. Substitute your SIEM's field name for the request URL (for example `url.original` in ECS), and keep the plain `../` clause, since many collectors store the already-decoded path.
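Pattern-matching the raw URL as in the query above misses encoded variants unless every spelling is listed, and double-encoded sequences (`%252e%252e%252f`) slip past a single decode. The script below is an added example for this advisory (not plugin, Patchstack or vendor code) that applies the Log and Network Indicators from this section to access-log lines: it repeatedly percent-decodes the request target, folds backslashes to forward slashes, and flags only traversal sequences aimed at the plugin path. The log lines, the `includes/file.php` endpoint and the `file` parameter in them are constructed placeholders, not the plugin's actual vulnerable endpoint.

```python
"""Flag access-log requests that combine the plugin path with a traversal sequence.

Added example for this advisory; not code from the plugin, Patchstack or a SIEM vendor.
"""
from __future__ import annotations

import re
from urllib.parse import unquote

PLUGIN_PATH = "/wp-content/plugins/better-elementor-addons/"

# Apache/Nginx "combined" format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Matches "../" after normalisation; "..\" and "%2e%2e%2f" have been folded
# into this form by normalize_target() before the check runs.
TRAVERSAL_RE = re.compile(r"\.\./")

# Constructed sample lines (not real traffic); endpoint and parameter names are placeholders.
SAMPLE_LOG = """\
203.0.113.10 - - [10/May/2024:12:00:01 +0000] "GET /wp-content/plugins/better-elementor-addons/includes/file.php?file=../../../../wp-config.php HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.11 - - [10/May/2024:12:00:02 +0000] "GET /wp-content/plugins/better-elementor-addons/includes/file.php?file=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200 1024 "-" "python-requests/2.31"
203.0.113.12 - - [10/May/2024:12:00:03 +0000] "GET /wp-content/plugins/better-elementor-addons/assets/css/style.css HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.13 - - [10/May/2024:12:00:04 +0000] "GET /wp-content/plugins/better-elementor-addons/includes/file.php?file=..%5c..%5cwp-config.php HTTP/1.1" 403 0 "-" "curl/8.0"
203.0.113.14 - - [10/May/2024:12:00:05 +0000] "GET /wp-content/themes/some-theme/page.php?p=../../etc/passwd HTTP/1.1" 404 0 "-" "curl/8.0"
203.0.113.15 - - [10/May/2024:12:00:06 +0000] "GET /wp-content/plugins/better-elementor-addons/includes/file.php?file=%252e%252e%252fwp-config.php HTTP/1.1" 200 512 "-" "curl/8.0"
"""


def normalize_target(target: str, rounds: int = 3) -> str:
    """Percent-decode until stable (bounded, to catch double encoding such as
    %252e) and fold backslashes so "..\\" is checked the same way as "../"."""
    decoded = target
    for _ in range(rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\\", "/")


def is_plugin_traversal(target: str) -> bool:
    """True when the normalised request targets the plugin path and carries a traversal."""
    norm = normalize_target(target)
    return norm.startswith(PLUGIN_PATH) and bool(TRAVERSAL_RE.search(norm))


def scan_log(text: str) -> list[dict]:
    """Return one record per matching line: source IP, HTTP status and raw target."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m and is_plugin_traversal(m["target"]):
            hits.append({"ip": m["ip"], "status": int(m["status"]), "target": m["target"]})
    return hits


def summarize(hits: list[dict]) -> dict:
    """Triage counts: a 200 response to a traversal request is the one to chase first."""
    return {
        "total": len(hits),
        "status_200": sum(1 for h in hits if h["status"] == 200),
        "unique_sources": len({h["ip"] for h in hits}),
    }


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for h in found:
        print(f'{h["ip"]} {h["status"]} {h["target"]}')
    print(summarize(found))
```

The theme-directory line is deliberately left unflagged to keep the check scoped to this advisory's indicators; widen `PLUGIN_PATH` to `/wp-content/` if you want a generic traversal sweep. A 403 from a WAF rule still counts as a hit, since it shows the source is probing the endpoint.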
