EUVD-2024-16618

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Royal Elementor Kit theme allows unauthorized transient updates for authenticated attackers

Reporter	Title	Published	Views	Family All 11
CNNVD	WordPress Plugin Royal Elementor Kit Security Vulnerability	5 Feb 202400:00	–	cnnvd
CVE	CVE-2024-0835	5 Feb 202421:21	–	cve
Cvelist	CVE-2024-0835 Royal Elementor Kit <= 1.0.116 - Missing Authorization to Arbitrary Transient Update	5 Feb 202421:21	–	cvelist
NVD	CVE-2024-0835	5 Feb 202422:16	–	nvd
Patchstack	WordPress Royal Elementor Kit plugin <= 1.0.116 - Missing Authorization to Arbitrary Transient Update vulnerability	3 Feb 202612:53	–	patchstack
Prion	Design/Logic Flaw	5 Feb 202422:16	–	prion
Positive Technologies	PT-2024-15854 · WordPress · The Royal Elementor Kit	5 Feb 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-0835	23 May 202507:24	–	redhatcve
Vulnrichment	CVE-2024-0835 Royal Elementor Kit <= 1.0.116 - Missing Authorization to Arbitrary Transient Update	5 Feb 202421:21	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (February 5, 2024 to February 11, 2024)	15 Feb 202416:21	–	wordfence

[
  {
    "enisaIdVendor": [
      {
        "id": "b1f15e85-cab3-36de-8935-2fd124a585ba",
        "vendor": {
          "name": "wproyal"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "91ab49ae-08c4-3359-a5af-cea01b813638",
        "product": {
          "name": "Royal Elementor Kit"
        }
      },
      {
        "id": "997126bf-db9c-328c-8afb-6519c57bb1b1",
        "product": {
          "name": "Royal Elementor Kit"
        },
        "product_version": "* ≤1.0.116"
      }
    ]
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/603b6c52-48eb-4e8c-a2c1-77b12a2b1a2c
wordpress	www.wordpress.org/themes/royal-elementor-kit/
themes	www.themes.trac.wordpress.org/changeset

03 Oct 2025 20:07Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.14.3

EPSS0.00113

SSVC