CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37455 – WordPress Ultimate Addons for elementor plugin <= 1.36.31 - Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2024-37455
Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.This issue affects Ultimate Addons for Elementor: from n/a through 1.36.31. Una vulnerabilidad de gestión de privilegios inadecuada en Brainstorm Force Ultimate Addons para Elementor permite la escalada de privilegios. Este problema afecta a Ultimate Addons para Elementor: desde n/a hasta 1.36.31. The Ultimate Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.36.31. This makes it possible for authenticated attackers, with contributor-level access and above, to register as an administrator on vulnerable sites. • https://patchstack.com/database/vulnerability/ultimate-elementor/wordpress-ultimate-addons-for-elementor-plugin-1-36-31-privilege-escalation-vulnerability?_s_id=cve • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50890 – WordPress Ultimate Addons for Elementor plugin <= 1.36.20 - Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2023-50890
Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.This issue affects Ultimate Addons for Elementor: from n/a through 1.36.20. Una vulnerabilidad de gestión de privilegios incorrecta en Brainstorm Force Ultimate Addons para Elementor permite la escalada de privilegios. Este problema afecta a Ultimate Addons para Elementor: desde n/a hasta 1.36.20. The Ultimate Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.36.20. This makes it possible for authenticated attackers, with contributor-level access and above, to register as an administrator on vulnerable sites. • https://patchstack.com/database/vulnerability/ultimate-elementor/wordpress-ultimate-addons-for-elementor-plugin-1-36-20-privilege-escalation-vulnerability?_s_id=cve • CWE-269: Improper Privilege Management •