CVE-2024-56282 is a vulnerability identified in the Elicus WPMozo Addons Lite for Elementor WordPress plugin, specifically versions up to and including 1.1.0. The vulnerability stems from improper control over the filename parameter used in PHP include or require statements, a classic Remote File Inclusion (RFI) flaw. This means that an attacker can manipulate the input to these PHP functions to include arbitrary files, potentially from remote servers or local file systems. Such an inclusion can lead to remote code execution (RCE), allowing attackers to run malicious PHP code on the web server hosting the vulnerable plugin. The vulnerability is particularly dangerous because it does not require authentication or user interaction, making it exploitable remotely by unauthenticated attackers. The plugin is used to extend Elementor, a popular WordPress page builder, thus the attack surface includes any WordPress site using this plugin. Although no known exploits are currently reported in the wild, the vulnerability’s nature and ease of exploitation make it a critical risk. The lack of a CVSS score means severity must be assessed based on impact and exploitability factors. The vulnerability compromises confidentiality by potentially exposing sensitive files, integrity by allowing code injection, and availability by enabling denial-of-service or server takeover. The vulnerability was published in early 2025, and no official patches or mitigation links are currently provided, increasing urgency for users to take protective measures.

The impact of CVE-2024-56282 is significant for organizations running WordPress sites with the WPMozo Addons Lite for Elementor plugin. Successful exploitation can lead to remote code execution, enabling attackers to execute arbitrary commands, deploy malware, steal sensitive data, or pivot within the network. This can result in data breaches, website defacement, service disruption, or full server compromise. The vulnerability affects the confidentiality, integrity, and availability of affected systems. Given WordPress’s widespread use globally, especially among small to medium businesses, e-commerce sites, and content providers, the potential attack surface is large. Organizations without timely patching or mitigation may face reputational damage, financial loss, and regulatory penalties if sensitive customer data is exposed. The lack of authentication requirements and ease of exploitation increase the likelihood of automated scanning and exploitation attempts once the vulnerability becomes widely known.

1. Immediately disable or uninstall the WPMozo Addons Lite for Elementor plugin until a patch is available. 2. If disabling is not feasible, restrict PHP include paths using server configuration (e.g., open_basedir in PHP) to prevent inclusion of remote or unauthorized files. 3. Employ web application firewalls (WAFs) with rules to detect and block suspicious requests targeting file inclusion parameters. 4. Monitor web server logs for unusual requests containing file inclusion patterns or unexpected parameters. 5. Keep WordPress core, plugins, and themes updated to reduce exposure to known vulnerabilities. 6. Implement least privilege principles on the web server to limit the impact of potential code execution. 7. Regularly back up website data and configurations to enable recovery in case of compromise. 8. Follow vendor advisories for official patches or updates and apply them promptly once released.