CVE-2024-3499

8.8 HIGH

📋 TL;DR

This vulnerability in the ElementsKit Elementor addons plugin for WordPress allows authenticated attackers with contributor-level access or higher to include arbitrary files from the server's filesystem (Local File Inclusion). Any PHP code in an included file is executed, so an attacker who can first get a file containing PHP onto the server, for example disguised as an image or another "safe" upload, can turn this into remote code execution; even without that, inclusion can expose sensitive files and bypass access controls. Every WordPress site running a vulnerable version of the plugin is affected.

💻 Affected Systems

Products:
  • ElementsKit Elementor addons plugin for WordPress
Versions: All versions up to and including 3.1.0
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress with the vulnerable plugin installed. Contributor-level authentication is required for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full server compromise via remote code execution, data exfiltration, backdoor installation, and complete site takeover.

🟠

Likely Case

Unauthorized file access, privilege escalation to administrator, and installation of web shells or malware.

🟢

If Mitigated

Limited impact if proper file upload restrictions and server hardening are in place, though LFI could still expose sensitive files.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but is straightforward once attacker has contributor-level credentials.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.1.1

Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3070789/elementskit-lite

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find ElementsKit Elementor addons.
4. Click 'Update Now' if available.
5. Alternatively, download version 3.1.1 or later from the WordPress plugin repository and update manually.

🔧 Temporary Workarounds

Disable Onepage Scroll Module

all

Temporarily disable the Onepage Scroll module through the plugin's module settings until the plugin can be updated. This removes the vulnerable code path while leaving the rest of the plugin in place.

Restrict Contributor Access

all

Contributor is the lowest role that can exploit this, but Author, Editor and Administrator accounts can too. Review every account at contributor level or above, remove or downgrade those that are not needed, and rotate the credentials of any that look suspicious, until the plugin is patched.

🧯 If You Can't Patch

  • Remove the ElementsKit plugin entirely if it is not essential; deactivating it also closes the code path, but removal avoids it being switched back on
  • Tighten file-upload controls for every account that can upload media: validate upload contents, not just extensions, because any file whose bytes contain PHP code becomes executable once it is included through this bug. Blocking direct PHP execution in wp-content/uploads at the web-server level remains good hygiene against dropped web shells, but it does not stop this LFI, since the plugin's include() runs the file through the PHP interpreter regardless of how the web server would serve it

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → ElementsKit → Version number. If version is 3.1.0 or lower, you are vulnerable.

Check Version:

wp plugin list --name=elementskit-lite --field=version

The plugin directory slug is elementskit-lite (the same slug as in the vendor advisory URL above). An empty result means no plugin is installed under that slug.

Verify Fix Applied:

Verify plugin version is 3.1.1 or higher in WordPress admin panel.
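The version checks above compare strings by eye; the following added example (not code from this page or from the plugin vendor) does the comparison numerically so that, for instance, a hypothetical 3.10.0 is not mistaken for a release older than 3.9.0. It assumes WP-CLI is on PATH, that the WordPress root is at the path passed to `installed_version`, and that the plugin slug is `elementskit-lite` as taken from the advisory URL.

```python
"""Decide whether an installed ElementsKit version falls in the affected range.

Added example; not code from this page or from the plugin vendor. It reads the
version string that `wp plugin list --name=elementskit-lite --field=version`
prints and compares it numerically against the patched release, so that
versions such as 3.10.0 are not mis-ordered against 3.9.0 by a string compare.
"""
from __future__ import annotations

import re
import subprocess

# First release that carries the fix, as stated in the advisory above.
PATCHED = (3, 1, 1)
# Plugin directory slug, taken from the vendor advisory URL on this page.
PLUGIN_SLUG = "elementskit-lite"


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '3.1.0', '3.1' or '3.1.1-beta' into a comparable tuple of ints.

    Missing components count as 0 and a trailing non-numeric suffix is
    ignored, so '3.1' == '3.1.0' and '3.1.1-beta' == '3.1.1'.
    Raises ValueError on strings with no leading numeric component.
    """
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))


def is_vulnerable(version: str) -> bool:
    """True when the installed version is 3.1.0 or lower."""
    return parse_version(version) < PATCHED


def installed_version(wp_path: str) -> str | None:
    """Ask WP-CLI for the active plugin's version; None if it is not installed.

    Runs `wp plugin list --name=<slug> --field=version --path=<wp_path>`,
    so WP-CLI must be on PATH and <wp_path> must be the WordPress root.
    """
    cmd = ["wp", "plugin", "list", f"--name={PLUGIN_SLUG}",
           "--field=version", f"--path={wp_path}"]
    out = subprocess.run(cmd, capture_output=True, text=True, check=True)
    return out.stdout.strip() or None


if __name__ == "__main__":
    # Assumed install location; adjust for your site.
    version = installed_version("/var/www/html")
    if version is None:
        print(f"{PLUGIN_SLUG} is not installed")
    elif is_vulnerable(version):
        print(f"{PLUGIN_SLUG} {version} is VULNERABLE; update to 3.1.1 or later")
    else:
        print(f"{PLUGIN_SLUG} {version} is patched")
```

Run it on the web host as the user that owns the WordPress files; pre-release suffixes are ignored, so treat a reported 3.1.1-beta as patched only if the vendor's changeset is actually present.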

📡 Detection & Monitoring

Log Indicators:

  • Requests to paths under wp-content/plugins/elementskit whose parameters carry path-traversal sequences (../), PHP stream wrappers (php://, data:), or references to .php files such as wp-config.php, possibly URL-encoded more than once
  • A burst of failed logins followed by a successful login to a contributor-level (or higher) account, then requests to plugin endpoints from that session
  • Requests to wp-content/plugins/elementskit with parameters that normal page loads never send

Network Indicators:

  • POST requests to elementskit endpoints with file path parameters
  • Unusual outbound connections from web server after plugin access

SIEM Query (pseudo-syntax; field names vary by product):

source="web_server" AND (uri_path="*elementskit*" AND (param="*file*" OR param="*include*"))

This only sees parameters that appear in the request URI. Parameters sent in a POST body are not recorded in standard web-server access logs, so pair the query with WAF or application-level request logging to cover the POST indicator above.
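The log indicators above, turned into something runnable: an added example (not code from this page, the plugin vendor or any SIEM product) that parses combined-format access-log lines and flags requests to plugin paths whose query-string values contain LFI markers, decoding repeated URL-encoding first. The sample log lines are constructed, the plugin endpoint path in them is a placeholder, and the rules key on generic markers rather than a specific parameter name, because the page does not name the vulnerable endpoint or parameter.

```python
"""Scan access-log lines for requests that look like attempts at this LFI.

Added example; not code from this page, the plugin vendor or any SIEM. The log
lines below are constructed, and the plugin endpoint path in them is a
placeholder: the page does not name the vulnerable endpoint or its parameter,
so the rules key on generic LFI markers in any query-string value of a request
whose path mentions the plugin, rather than on a specific parameter name.
"""
from __future__ import annotations

import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Apache/nginx "combined" format:
# ip - user [time] "METHOD target HTTP/x" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Strings that have no business in a template/file parameter: directory
# traversal, PHP stream wrappers, PHP source files, well-known targets, NUL.
LFI_RE = re.compile(
    r"\.\./|\.\.\\|php://|file://|data:|expect://|phar://"
    r"|\.php\b|/etc/passwd|wp-config|\x00",
    re.IGNORECASE,
)

# Constructed sample: a benign asset load, two traversal attempts (the second
# double URL-encoded), a traversal against an unrelated path, and a POST whose
# body (where a payload would sit) the access log does not record.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Apr/2024:13:01:02 +0000] "GET /wp-content/plugins/elementskit-lite/assets/css/style.css?ver=3.1.0 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Apr/2024:13:02:15 +0000] "GET /wp-content/plugins/elementskit-lite/placeholder.php?template=../../../../wp-config.php HTTP/1.1" 200 812 "-" "curl/8.0"
203.0.113.9 - - [10/Apr/2024:13:02:17 +0000] "GET /wp-content/plugins/elementskit-lite/placeholder.php?template=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1337 "-" "curl/8.0"
198.51.100.4 - - [10/Apr/2024:13:03:00 +0000] "GET /index.php?p=../../etc/passwd HTTP/1.1" 404 300 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Apr/2024:13:04:00 +0000] "POST /wp-content/plugins/elementskit-lite/placeholder.php HTTP/1.1" 200 100 "-" "curl/8.0"
"""


def fully_decode(value: str, rounds: int = 3) -> str:
    """Undo repeated URL-encoding (attackers double-encode to slip past naive
    filters); stop as soon as another pass changes nothing."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_params(target: str) -> list[tuple[str, str]]:
    """Return (name, decoded value) for each query parameter carrying an LFI marker."""
    query = urlsplit(target).query
    hits = []
    for name, raw in parse_qsl(query, keep_blank_values=True):
        value = fully_decode(raw)  # parse_qsl has already decoded once
        if LFI_RE.search(value):
            hits.append((name, value))
    return hits


def scan(lines, path_markers=("elementskit",)) -> list[dict]:
    """Flag requests to plugin paths whose query string carries an LFI marker."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = urlsplit(m["target"]).path
        if not any(marker in path.lower() for marker in path_markers):
            continue
        hits = suspicious_params(m["target"])
        if hits:
            findings.append({
                "ip": m["ip"], "time": m["time"], "method": m["method"],
                "status": int(m["status"]), "path": path, "params": hits,
            })
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG.splitlines()):
        print(f"{f['ip']} {f['method']} {f['path']} -> {f['params']}")
```

On the constructed sample this reports the two GET requests from 203.0.113.9 and nothing else: the traversal against /index.php is outside the plugin path filter, and the POST carries its payload in the body, which an access log never shows. Extend `path_markers` with whatever entry points your site actually routes plugin actions through, and feed WAF or application logs to `scan` when you have them, since those do capture POST parameters.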

🔗 References