CVE-2024-56000 – WordPress K Elements plugin < 5.4.0 - Unauthenticated Account Takeover vulnerability

https://notcve.org/view.php?id=CVE-2024-56000

17 Feb 2025 — Incorrect Privilege Assignment vulnerability in NotFound K Elements allows Privilege Escalation. This issue affects K Elements: from n/a through n/a. Incorrect Privilege Assignment vulnerability in SeventhQueen K Elements allows Privilege Escalation.This issue affects K Elements: from n/a before 5.4.0. The K Elements plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.3.9. This is due to the kleo_fb_intialize() function not having sufficient identity verificat... • https://patchstack.com/database/wordpress/plugin/k-elements/vulnerability/wordpress-k-elements-plugin-5-2-0-unauthenticated-account-takeover-vulnerability?_s_id=cve • CWE-266: Incorrect Privilege Assignment •