5 matches found
CVE-2024-10670
The Primary Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.2 via the primelementortemplate shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...
CVE-2024-10670 Primary Addon for Elementor <= 1.6.2 - Authenticated (Contributor+) Post Disclosure
The Primary Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.2 via the primelementortemplate shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...
CVE-2024-10670 Primary Addon for Elementor <= 1.6.2 - Authenticated (Contributor+) Post Disclosure
The Primary Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.2 via the primelementortemplate shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...
CVE-2024-10670
The CVE-2024-10670 entry concerns the WordPress plugin Primary Addon for Elementor (versions
WordPress Primary Addon for Elementor Plugin <= 1.6.2 is vulnerable to Broken Access Control
Software Primary Addon for Elementor Type Plugin Vulnerable versions = 1.6.2 Fixed in 1.6.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10670 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ad2ecefb58c9...