Lucene search

K
patchstackBrandon RoldanPATCHSTACK:799762223E58719E26C528C1C2B93B44
HistoryApr 22, 2024 - 12:00 a.m.

WordPress Royal Elementor Addons Plugin <= 1.3.93 is vulnerable to Bypass Vulnerability

2024-04-2200:00:00
Brandon Roldan
patchstack.com
wordpress
royal elementor addons
plugin
vulnerable
bypass vulnerability
owasp top 10
security misconfiguration
cve-2024-32786
low
wproyal
unauthenticated
published

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

6.5

Confidence

Low

Software

Royal Elementor Addons

Type

Plugin

Vulnerable versions

<= 1.3.93

Fixed in

1.3.95

OWASP Top 10

A5: Security Misconfiguration

Classification

Bypass Vulnerability

CVE

CVE-2024-32786

Patch priority

Low

CVSS severity

Low (5.3)

Developer

WProyal

PSID

136b421b7f6f

Credits

Brandon Roldan Brandon Roldan

Required privilege

Unauthenticated

Published

22 April, 2024

Remove and replace plugin Expand full details Have additional information or questions about this entry? Let us know.

Solution

This security issue has a low severity impact and is unlikely to be exploited.

Affected configurations

Vulners
Node
wp_royalroyal_elementor_addonsRange1.3.93
VendorProductVersionCPE
wp_royalroyal_elementor_addons*cpe:2.3:a:wp_royal:royal_elementor_addons:*:*:*:*:*:*:*:*

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

6.5

Confidence

Low

Related for PATCHSTACK:799762223E58719E26C528C1C2B93B44