CVE-2023-27454 – Rife Elementor Extensions & Templates <= 1.1.10 - Missing Authorization via import_templates

https://notcve.org/view.php?id=CVE-2023-27454

The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to missing authorization due to a missing capability check on the 'import_templates' function in versions up to, and including, 1.1.10. This makes it possible for authenticated attackers with subscriber-level access, and above, to import and activate templates on the site. • CWE-862: Missing Authorization •