EUVD-2026-22902

Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through = 1.7.1056...

WordPress Royal Core plugin <= 2.9.2 - Authenticated (Subscriber+) Arbitrary Options Update vulnerability

Authenticated Subscriber+ Arbitrary Options Update vulnerability discovered by Tonn in WordPress Plugin Royal Core versions = 2.9.2...

CVE-2024-56227

Missing Authorization vulnerability in WP Royal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through 1.7.1001...

WordPress Royal Elementor Addons Plugin <= 1.7.1001 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.7.1001 Fixed in 1.7.1002 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9682 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID ab419098cc35 Credits zer0gh0st Required...

WordPress Royal Elementor Addons Plugin <= 1.3.986 is vulnerable to Sensitive Data Exposure

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.986 Fixed in 1.3.987 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-7417 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID 4060f71c187f Credits stealthcopter Required...

WordPress Royal Elementor Addons Plugin <= 1.3.982 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.982 Fixed in 1.3.985 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44001 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID d1433083a6b5 Credits João Pedro S Alcântara Kinorth...

WordPress Royal Elementor Addons Plugin <= 1.3.976 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.976 Fixed in 1.3.977 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4488 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID 5773f8c6e186 Credits Ngô Thiên An ancorn...

CVE-2024-32786

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through 1.3.93...

WordPress Royal Elementor Addons Plugin <= 1.3.971 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.971 Fixed in 1.3.972 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3675 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID 455900c3fc8f Credits stealthcopter Require...

WordPress Royal Elementor Addons Plugin <= 1.3.94 is vulnerable to Arbitrary File Upload

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.94 Fixed in 1.3.95 OWASP Top 10 A5: Broken Access Control Classification Arbitrary File Upload CVE CVE-2024-1567 Patch priority High CVSS severity High 8.2 Developer WProyal PSID 7b79f8ce62d8 Credits wesley wcraft Required...

WordPress Royal Elementor Addons Plugin <= 1.3.87 is vulnerable to Cross Site Request Forgery (CSRF)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.87 Fixed in 1.3.88 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0512 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID 883b845e41ec Credits Francesco Carlucci...

WordPress Royal Elementor Addons Plugin <= 1.3.87 is vulnerable to Cross Site Request Forgery (CSRF)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.87 Fixed in 1.3.88 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0511 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID 28c83e760e87 Credits Francesco Carlucci...

WordPress Royal Elementor Addons Plugin < 1.3.81 is vulnerable to Broken Access Control

Software Royal Elementor Addons Type Plugin Vulnerable versions 1.3.81 Fixed in 1.3.81 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5922 Patch priority Low CVSS severity Low 5.3 Developer WProyal PSID 2215bda637be Credits Krzysztof Zając CERT PL Require...

WordPress Royal Elementor Addons Plugin <= 1.3.70 is vulnerable to Sensitive Data Exposure

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.70 Fixed in 1.3.71 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-3709 Patch priority Low CVSS severity Low 5.3 Developer WProyal PSID 0083800052cc Credits Ulyses Saicha Required...

WordPress Royal Elementor Addons Plugin < 1.3.71 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions 1.3.71 Fixed in 1.3.71 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer WProyal PSID f12eb2449894 Credits Rafie Muhammad Patchstack Require...

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4703 Patch priority Medium CVSS severity Medium 4.3 Developer WProyal PSID c80fbc0d4bbd Credits Ramuel Gall Required...

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4711 Patch priority Medium CVSS severity Medium 4.3 Developer WProyal PSID 242bc7b4f228 Credits Ramuel Gall Required...

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4710 Patch priority High CVSS severity High 6.1 Developer WProyal PSID 88dfeeb21d4c Credits Ramuel Gall Required...