3 matches found
CVE-2021-4447
The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor created page. This makes it possible for attackers wi...
CVE-2021-4447 Essential Addons for Elementor <= 4.6.4 - Authenticated (Contributor+) Privilege Escalation
The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor created page. This makes it possible for attackers wi...
CVE-2021-4447
CVE-2021-4447 affects the WordPress plugin Essential Addons for Elementor (versions up to 4.6.4). The root cause is a lack of access restrictions on who can add a registration form and a custom registration role to an Elementor page, enabling attackers with Elementor access to create a registrati...