CVE-2024-33568

8.5 HIGH

📋 TL;DR

Vulnerable versions of the Element Pack Pro WordPress plugin let an attacker control a file path that the plugin opens. Pointing that path outside the intended directory reads arbitrary files the PHP process can access (wp-config.php, with its database credentials, is the obvious target). Pointing it at a phar:// path instead makes PHP deserialize the metadata of a PHAR archive, so an attacker who has first staged a crafted archive on the server (for example as an uploaded image) gets PHP object injection and, given a usable gadget chain among the loaded classes, code execution. Every WordPress site running a vulnerable plugin version is affected, and the issue is reported to be exploitable without authentication.

💻 Affected Systems

Products:
  • BdThemes Element Pack Pro WordPress Plugin
Versions: All versions before 7.19.3
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Any WordPress installation with the Element Pack Pro plugin active is exposed; no non-default configuration is needed for exploitation.

📦 What is this software?

Element Pack Pro is a commercial add-on for the Elementor page builder, developed by BdThemes, that adds widgets and extensions to Elementor-built WordPress sites.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full server compromise leading to data theft, ransomware deployment, or complete site takeover with persistent backdoor installation.

🟠

Likely Case

Arbitrary file reading exposing sensitive configuration files, database credentials, and user data, followed by remote code execution.

🟢

If Mitigated

File permissions only protect files the PHP process itself does not need, because the read happens as the web server user; a WAF narrows the exposure and deactivating the plugin removes it. Where the vulnerable code stays reachable, the phar:// path still yields object injection on any site where an attacker can place a file on disk.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The file path is attacker-controlled: plain traversal yields the file read, and a phar:// prefix turns the same primitive into PHAR metadata deserialization (PHP object injection). Turning that into code execution additionally needs a gadget chain in the classes loaded at that point and a PHAR archive the attacker has already placed on the server. Public exploit code is reported to exist. Two caveats for triage: on PHP 8.0 and later, PHAR metadata is no longer unserialized automatically on phar:// stream operations, so the deserialization half of the chain mainly concerns sites still on PHP 7.x (the file read does not depend on the PHP version); and an 8.5 CVSS 3.1 base score is normally only reached with PR:L, i.e. a logged-in account, which conflicts with the 'Unauthenticated Exploit: Yes' entry above, so confirm the required access level against the vendor advisory.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.19.3 (as stated on this page; the Patchstack advisory URL below carries version 7.7.4 in its title, so confirm the affected and fixed versions against the advisory itself before relying on this threshold)

Vendor Advisory: https://patchstack.com/database/vulnerability/bdthemes-element-pack/wordpress-element-pack-pro-plugin-7-7-4-arbitrary-file-read-and-phar-deserialization-vulnerability

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Element Pack Pro' and check for updates.
4. Update to version 7.19.3 or higher. Premium plugins may not show an update without an active license; in that case obtain the package from the vendor and install it manually.
5. Verify that the update completed and the listed version is 7.19.3 or higher.

🔧 Temporary Workarounds

Disable vulnerable plugin

all

Deactivate Element Pack Pro until it is patched. Deactivation removes the vulnerable code path entirely, but pages that use the plugin's Elementor widgets will lose those elements until it is re-enabled.

wp plugin deactivate bdthemes-element-pack

Restrict file access

linux

Set strict file permissions on sensitive files. This is hardening, not a fix: the vulnerable code reads files as the PHP process user, so it only protects files that user does not itself need, and wp-config.php must stay readable by that user (as owner or group member) or the site stops working.

chmod 640 wp-config.php
chmod 640 .htaccess

🧯 If You Can't Patch

  • Put WAF rules in front of the site that match '../' and 'phar://' after URL decoding, including double-encoded forms such as %252e%252e%252f, rather than only the literal strings
  • Tighten upload filtering (extension and content checks): a phar:// payload needs an archive the attacker has already placed on the server, so limiting what can be uploaded raises the bar for the deserialization step
  • Restrict network access to the WordPress login and admin interface by IP allow-list; this only helps if the vulnerable request requires a logged-in user

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Installed Plugins for the Element Pack Pro version. If it is below 7.19.3 (compare numerically: 7.9.x is older than 7.19.3), the site is vulnerable.

Check Version:

wp plugin get bdthemes-element-pack --field=version

Verify Fix Applied:

The plugin version shown in the WordPress admin panel, or returned by the WP-CLI command above, is 7.19.3 or higher.
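As an added example (not code from this page or from the vendor), the script below runs the WP-CLI command given above and does the "is it below 7.19.3" comparison numerically instead of as a string, which is the mistake that makes 7.9.0 look newer than 7.19.3. It assumes the wp binary is on the PATH, uses the plugin slug given on this page, and takes the 7.19.3 threshold from this page; pass a different fixed version if the vendor advisory says otherwise.

```python
"""Is the installed Element Pack Pro version older than the patched release?

Added example, not part of the advisory.  Assumes WP-CLI (`wp`) is installed
and that the plugin slug is bdthemes-element-pack as this page states.  The
fixed version defaults to 7.19.3, the threshold this page gives.
"""
import re
import subprocess
import sys

PLUGIN_SLUG = "bdthemes-element-pack"
FIXED_VERSION = "7.19.3"


def parse_version(version: str) -> tuple:
    """'7.19.3' -> (7, 19, 3).

    Comparing numeric tuples avoids the string-compare mistake in which
    '7.9.0' sorts after '7.19.3'.  A pre-release suffix such as '-beta' is
    stripped, so '7.19.3-beta' compares equal to 7.19.3.
    """
    core = version.strip().split("-", 1)[0]
    parts = tuple(int(n) for n in re.findall(r"\d+", core))
    if not parts:
        raise ValueError(f"unparseable version string: {version!r}")
    return parts


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version sorts before the fixed one.

    Python orders a shorter tuple before a longer one that it prefixes, so
    (7, 19) < (7, 19, 3) while (7, 20) > (7, 19, 3), which is what we want.
    """
    return parse_version(installed) < parse_version(fixed)


def installed_version(wp_path: str = ".") -> str:
    """Ask WP-CLI for the plugin version (the same command this page gives)."""
    result = subprocess.run(
        ["wp", "plugin", "get", PLUGIN_SLUG, "--field=version", f"--path={wp_path}"],
        capture_output=True, text=True, check=True,
    )
    return result.stdout.strip()


if __name__ == "__main__":
    version = installed_version(sys.argv[1] if len(sys.argv) > 1 else ".")
    verdict = "VULNERABLE" if is_vulnerable(version) else "patched"
    print(f"{PLUGIN_SLUG} {version}: {verdict} (fixed in {FIXED_VERSION})")
```

Run it from the WordPress root, or pass the site path as the first argument. The WP-CLI equivalent of the admin-panel update steps is wp plugin update bdthemes-element-pack, after which this script should report "patched".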

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests whose URI, after URL decoding, contains '../' (including %2e%2e%2f and double-encoded %252e%252e%252f forms, and backslash variants) or 'phar://'
  • Requests to paths under wp-content/plugins/bdthemes-element-pack/ whose parameters carry file-path-like values rather than the plugin's own asset names
  • PHP warnings about failed file operations on unexpected paths or mentioning the phar:// wrapper, and errors thrown from __wakeup() or __destruct() while a request to the plugin is in flight (PHAR metadata is deserialized on open, without an explicit unserialize() call)

Network Indicators:

  • GET or POST requests whose parameters carry traversal sequences or phar:// paths; the serialized payload lives inside a file previously placed on the server, not in the request itself
  • A file upload (typically an image carrying a PHAR stub) from the same client shortly before a phar:// request, which is the staging step the deserialization needs

SIEM Query:

source="web_access_logs" AND (uri="*../*" OR uri="*%2e%2e%2f*" OR uri="*..%2f*" OR uri="*%2e%2e/*" OR uri="*phar://*" OR uri="*phar%3a%2f%2f*") AND status=200

Drop the status=200 clause to see blocked or failed attempts as well, and do not add a bare match on the plugin directory: every page that loads the plugin's CSS and JavaScript produces such requests, so that clause alone returns normal traffic.
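The indicators above are easy to miss with a literal string match because attackers encode the traversal. The scanner below, an added example rather than anything from this page or the vendor, applies them to combined-format access log lines: it URL-decodes each URI repeatedly (to catch double encoding), folds backslashes, lower-cases, and then reports only lines that contain a traversal sequence or a phar:// wrapper, recording whether the request targeted the plugin directory and whether the server answered 200. The sample log lines are constructed, and the request paths and parameter names in them are placeholders, since this page does not name the vulnerable endpoint.

```python
"""Scan web access logs for request patterns matching this advisory's indicators.

Added example, not code from the advisory or the vendor.  The log lines at the
bottom are constructed; the request paths and parameter names in them are
placeholders, because this page does not name the vulnerable endpoint.
"""
import re
import sys
from urllib.parse import unquote

# Apache/nginx combined log format.  POST bodies are never in access logs, so
# only the URI (path + query string) is available for inspection here.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) '
)

PLUGIN_PATH = "/wp-content/plugins/bdthemes-element-pack/"

# Matched against the fully URL-decoded, lower-cased URI with backslashes
# folded to slashes, so %2e%2e%2f, %252e%252e%252f, ..%5c and PHAR:// all hit.
INDICATORS = {
    "traversal": re.compile(r"\.\./"),
    "phar_wrapper": re.compile(r"phar://"),
    "sensitive_target": re.compile(r"wp-config\.php|/etc/passwd"),
}


def normalize_uri(uri: str, rounds: int = 3) -> str:
    """Decode until stable (bounded, to catch double and triple encoding)."""
    for _ in range(rounds):
        decoded = unquote(uri)
        if decoded == uri:
            break
        uri = decoded
    return uri.replace("\\", "/").lower()


def classify(line: str):
    """Return a finding dict for a suspicious line, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    uri = normalize_uri(m["uri"])
    hits = [name for name, rx in INDICATORS.items() if rx.search(uri)]
    # A request into the plugin directory by itself is normal traffic (assets),
    # so only traversal or a phar:// wrapper makes a line worth reporting.
    if "traversal" not in hits and "phar_wrapper" not in hits:
        return None
    status = int(m["status"])
    return {
        "ip": m["ip"],
        "uri": m["uri"],
        "status": status,
        "indicators": hits,
        "targets_plugin": PLUGIN_PATH in uri,
        # 200 means the server served the request; anything else was an attempt.
        "severity": "high" if status == 200 else "attempt",
    }


def scan(lines):
    """Classify every line and keep the findings."""
    return [f for f in map(classify, lines) if f]


# Constructed sample lines: one benign asset load, a plain traversal, a
# double-encoded traversal, a phar:// probe, and a backslash traversal blocked
# with 403.  "example.php" and "file=" are placeholders.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/May/2024:12:00:01 +0000] "GET /wp-content/plugins/bdthemes-element-pack/assets/css/ep.css HTTP/1.1" 200 9140 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/May/2024:12:00:02 +0000] "GET /wp-content/plugins/bdthemes-element-pack/example.php?file=../../../../wp-config.php HTTP/1.1" 200 2913 "-" "curl/8.4.0"',
    '203.0.113.5 - - [10/May/2024:12:00:03 +0000] "GET /index.php?file=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1870 "-" "curl/8.4.0"',
    '203.0.113.5 - - [10/May/2024:12:00:04 +0000] "GET /wp-content/plugins/bdthemes-element-pack/example.php?file=phar%3A%2F%2F..%2F..%2Fuploads%2F2024%2F05%2Fimg.jpg HTTP/1.1" 200 0 "-" "curl/8.4.0"',
    '203.0.113.9 - - [10/May/2024:12:00:05 +0000] "GET /index.php?file=..%5c..%5cwp-config.php HTTP/1.1" 403 199 "-" "python-requests/2.31"',
]

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            findings = scan(fh)
    else:
        findings = scan(SAMPLE_LOG)
    for finding in findings:
        print(finding)
```

Pass an access log path as the first argument to scan a real file; without one it runs over the constructed sample and reports four of the five lines. Treat a phar:// hit as the stronger signal, and look for an upload from the same client shortly before it.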
