WordPress Royal Elementor Kit plugin <= 1.0.116 - Missing Authorization to Arbitrary Transient Update vulnerability

Missing Authorization to Arbitrary Transient Update vulnerability discovered by Sean Murphy in WordPress Theme Royal Elementor Kit versions = 1.0.116...

EUVD-2024-30559

Malicious code in bioql PyPI...

CVE-2024-32773

Cross-Site Request Forgery CSRF vulnerability in WP Royal Royal Elementor Kit.This issue affects Royal Elementor Kit: from n/a through 1.0.116...

CVE-2024-0835

The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissedhandler function in all versions up to, and including, 1.0.116. This makes it possible for authenticated attackers, with subscriber access or...

CVE-2024-32773

Cross-Site Request Forgery CSRF vulnerability in WP Royal Royal Elementor Kit.This issue affects Royal Elementor Kit: from n/a through 1.0.116...

CVE-2024-32773 WordPress Royal Elementor Kit theme <= 1.0.116 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WP Royal Royal Elementor Kit.This issue affects Royal Elementor Kit: from n/a through 1.0.116...

CVE-2024-32773 WordPress Royal Elementor Kit theme <= 1.0.116 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WP Royal Royal Elementor Kit.This issue affects Royal Elementor Kit: from n/a through 1.0.116...

WordPress plugin Royal Elementor Kit 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress Royal Elementor Kit theme <= 1.0.116 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Royal Elementor Kit versions = 1.0.116...

WordPress Royal Elementor Kit Theme <= 1.0.116 is vulnerable to Cross Site Request Forgery (CSRF)

Software Royal Elementor Kit Type Theme Vulnerable versions = 1.0.116 Fixed in 1.0.117 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32773 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4da5c371e0b8 Credits Dhabaleshwar...

Royal Elementor Kit < 1.0.117 - Missing Authorization to Arbitrary Transient Update

Description The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissedhandler function in all versions up to, and including, 1.0.116. This makes it possible for authenticated attackers, with subscriber...

CVE-2024-0835

The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissedhandler function in all versions up to, and including, 1.0.116. This makes it possible for authenticated attackers, with subscriber access or...

Design/Logic Flaw

The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissedhandler function in all versions up to, and including, 1.0.116. This makes it possible for authenticated attackers, with subscriber access or...

CVE-2024-0835 Royal Elementor Kit <= 1.0.116 - Missing Authorization to Arbitrary Transient Update

The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissedhandler function in all versions up to, and including, 1.0.116. This makes it possible for authenticated attackers, with subscriber access or...

CVE-2024-0835 Royal Elementor Kit <= 1.0.116 - Missing Authorization to Arbitrary Transient Update

The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissedhandler function in all versions up to, and including, 1.0.116. This makes it possible for authenticated attackers, with subscriber access or...

CVE-2024-0835

CVE-2024-0835 affects the Royal Elementor Kit theme for WordPress. A missing capability check in the dismissed_handler function (versions up to and including 1.0.116) allows authenticated attackers with subscriber access or higher to update transients to true. Impact is limited to transients; no ...

PT-2024-15854 · WordPress · The Royal Elementor Kit

Name of the Vulnerable Software and Affected Versions: The Royal Elementor Kit theme for WordPress versions up to, and including, 1.0.116 Description: The issue arises from a missing capability check on the dismissed handler function, allowing authenticated attackers with subscriber access or...

WordPress Plugin Royal Elementor Kit Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2022-4700

The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpractivaterequiredtheme' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to activate the...

CVE-2022-4702

The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wprfixroyalcompatibility' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to deactivate every plugin on...