CVE-2026-4803

The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'status' parameter in the wprupdateformactionmeta AJAX action in all versions up to, and including, 1.7.1056. This is due to insufficient input sanitization and output escaping, combined with a...

EUVD-2026-27185

The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'status' parameter in the wprupdateformactionmeta AJAX action in all versions up to, and including, 1.7.1056. This is due to insufficient input sanitization and output escaping, combined with a...

CVE-2026-4024

The Royal Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wprupdateformactionmeta AJAX action in all versions up to, and including, 1.7.1056. The handler is registered on both wpajax and wpajaxnopriv hooks, maki...

WordPress Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin <= 1.7.1056 - Missing Authorization to Unauthenticated Form Action Meta Modification vulnerability

Missing Authorization to Unauthenticated Form Action Meta Modification vulnerability discovered by Nguyen C in WordPress Plugin Royal Elementor Addons versions = 1.7.1056...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010888)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010888 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for actionmeta Fix condition to check 'greater or equal' to...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the input validation logic for actionmeta. Also, corrected the condition to check for “greater than or equal” to prevent out-of-band dereferencing...

i40e: fix input validation logic for action_meta

...

EUVD-2025-34602

In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for actionmeta Fix condition to check 'greater or equal' to prevent OOB dereference...

CVE-2025-39970

In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for actionmeta Fix condition to check 'greater or equal' to prevent OOB dereference...

UBUNTU-CVE-2025-39970

In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for actionmeta Fix condition to check 'greater or equal' to prevent OOB dereference...

PT-2024-15632 · WordPress · The Royal Elementor Addons/Templates

Name of the Vulnerable Software and Affected Versions: The Royal Elementor Addons and Templates plugin for WordPress versions up to, and including, 1.3.87 Description: The issue is related to a missing capability check on the wpr update form action meta function, allowing unauthorized post metada...