CVE-2024-37455
WordPress Ultimate Addons for elementor plugin <= 1.36.31 - Privilege Escalation vulnerabilityImproper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.This issue affects Ultimate Addons for Elementor: from n/a through 1.36.31.
We have discovered 31,720 live websites that are affected by CVE-2024-37455.
Affected Software
| Product | |
| Category | Wordpress Plugins |
| Vulnerable Domains | 31,720 live websites (36.44% of Ultimate Addons for Elementor install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 118 versions ( 84.89% of all versions) |
Common Weakness Enumeration
CWE-269 Improper Privilege ManagementDetails
- Published - Jul 9, 2024
- Updated - Feb 7, 2025
Credits
- NGÔ THIÊN AN / ancorn_ from VNPT-VCI (Patchstack Alliance) (finder)
- Phan Trong Quan - VNPT Cyber Immunity (Patchstack Alliance) (finder)
CWE
CVE References
CWE References
CVE-2024-37455 usage by Country
 United States | 13,616 websites |
 Germany | 3,177 websites |
 France | 1,359 websites |
 GB | 1,261 websites |
 Spain | 857 websites |
 Cyprus | 770 websites |
 Poland | 740 websites |
 Australia | 717 websites |
 Netherlands | 660 websites |
 Denmark | 602 websites |
CVE-2024-37455 usage by TLD
| .com | 14,578 websites |
| .de | 1,433 websites |
| .org | 1,201 websites |
| .co.uk | 1,086 websites |
| .com.au | 1,074 websites |
| .net | 638 websites |
| .com.br | 633 websites |
| .nl | 627 websites |
| .pl | 587 websites |
| .es | 466 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2024-37455
Top websites that are affected by CVE-2024-37455. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ***************************.***.mx | United States | *,*** | |
| ******.***.au | United States | **,*** | |
| ***********.com | United States | **,*** | |
| ***************.de | Germany | **,*** | |
| ****.net | GB | **,*** | |
| ************.com | United States | **,*** | |
| ***********.com | United States | **,*** | |
| ***********.com |  Czech Republic | **,*** | |
| *************.org | United States | **,*** | |
| ****.***.au | Australia | **,*** |
FAQ
CVE-2024-37455 is Improper Privilege Management in Ultimate Addons for Elementor
A total of 31,720 websites have been identified as vulnerable to CVE-2024-37455, discovered through global website indexing conducted by WebTechSurvey.
Ultimate Addons for Elementor is susceptible to CVE-2024-37455 vulnerability.
Ultimate Addons for Elementor versions before, and including, 1.36.31 are vulnerable to CVE-2024-37455.