3 matches found
WordPress ElementInvader Addons for Elementor plugin <= 1.3.1 - Missing Authorization to Arbitrary Options Read vulnerability
Missing Authorization to Arbitrary Options Read vulnerability discovered by Francesco Carlucci in WordPress Plugin ElementInvader Addons for Elementor versions = 1.3.1...
CVE-2025-8423 My WP Translate <= 1.1 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Option Read and Deletion
The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mtswptremoveplugin and ajaxupdateexportcode functions in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with...
CVE-2024-12059 ElementInvader Addons for Elementor <= 1.3.1 - Missing Authorization to Arbitrary Options Read
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.1 via the elioptionvalue shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract...