
CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 2

The Elementor Pro plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the update_page_option function in versions up to, and including, 3.11.6. This makes it possible for authenticated attackers with subscriber-level capabilities to update arbitrary site options, which can lead to privilege escalation. • https://github.com/AmirWhiteHat/CVE-2023-3124 https://blog.nintechnet.com/high-severity-vulnerability-fixed-in-wordpress-elementor-pro-plugin https://www.wordfence.com/threat-intel/vulnerabilities/id/570474f2-c118-45e1-a237-c70b849b2d3c?source=cve • CWE-862: Missing Authorization •

CVSS: 5.4 • EPSS: 0% • CPEs: 1 • EXPL: 0

The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to missing authorization due to a missing capability check on the 'import_templates' function in versions up to, and including, 1.1.10. This makes it possible for authenticated attackers with subscriber-level access, and above, to import and activate templates on the site. • CWE-862: Missing Authorization •

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

The OoohBoi Steroids for Elementor WordPress plugin before 2.1.5 has CSRF and broken access control vulnerabilities which allow users with a role as low as subscriber to delete attachments. The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'file_batch_delete_callback' function in versions up to, and including, 2.1.3. This makes it possible for subscriber-level attackers to delete attachments. • https://wpscan.com/vulnerability/ac74df9a-6fbf-4411-a501-97eba1ad1895 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

The Royal Elementor Addons plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.59. This is due to missing nonce validation in the 'wpr_create_mega_menu_template' AJAX function. This allows unauthenticated attackers to create Mega Menu templates, granted they can trick an administrator into performing an action, such as clicking a link. WordPress Royal Elementor add-ons versions 1.3.59 and below suffer from cross-site request forgery, insufficient access control, and cross-site scripting vulnerabilities. • https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/admin/mega-menu.php?rev=2809656 https://www.wordfence.com/blog/2023/01/eleven-vulnerabilities-patched-in-royal-elementor-addons https://www.wordfence.com/threat-intel/vulnerabilities/id/55db7d81-7ffb-49da-b64e-23e892bddc57 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpr_activate_required_plugins' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to activate the 'contact-form-7', 'media-library-assistant', or 'woocommerce' plugins if they are installed on the site. WordPress Royal Elementor add-ons versions 1.3.59 and below suffer from cross-site request forgery, insufficient access control, and cross-site scripting vulnerabilities. • https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/admin/templates-kit.php?rev=2833046 https://www.wordfence.com/blog/2023/01/eleven-vulnerabilities-patched-in-royal-elementor-addons https://www.wordfence.com/threat-intel/vulnerabilities/id/55f7e39b-e7a5-462b-b1e4-c3d92038f17e • CWE-285: Improper Authorization •