4 matches found
CVE-2022-4707
creationtimestamp| type| source ---|---|--- 2023-01-10 20:28:42+00:00| seen| https://t.me/cibsecurity/56246...
CVE-2022-4707
The Royal Elementor Addons plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.59. This is due to missing nonce validation in the 'wprcreatemegamenutemplate' AJAX function. This allows unauthenticated attackers to create Mega Menu templates,...
CVE-2022-4707
CVE-2022-4707 affects WordPress Royal Elementor Addons prior to 1.3.60. The issue is a Cross-Site Request Forgery due to missing nonce validation in the wpr_create_mega_menu_template AJAX function, allowing unauthenticated attackers to cause Mega Menu template creation if a user (admin) is convin...
WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Cross Site Request Forgery (CSRF)
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-4707 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID d1eebd7ac349 Credits Ramuel Gall Require...