3 matches found
CVE-2022-4703
The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wprresetpreviousimport' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to reset previously imported da...
CVE-2022-4703
CVE-2022-4703 affects the WordPress plugin Royal Elementor Addons. Affected versions are up to and including 1.3.59, where insufficient access control in the wpr_reset_previous_import AJAX action allows any authenticated user (including subscribers) to reset previously imported data. The vulnerab...
WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4703 Patch priority Medium CVSS severity Medium 4.3 Developer WProyal PSID c80fbc0d4bbd Credits Ramuel Gall Required...