Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:33 a.m.10 views

CVE-2022-4103

The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorisation and CSRF checks when creating a template, and does not ensure that the post created is a template. This could allow any authenticated users, such as subscriber to create a post as well as any post type with an...

4.3CVSS6.8AI score0.00262EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/04/25 12:0 a.m.12 views

WordPress The Royal Elementor Addons Plugin < 1.3.56 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:royal-elementor-addons:royalelementoraddons"; if description...

4.3CVSS4.2AI score0.00262EPSS
Exploits2References2
NVD
NVD
added 2023/01/09 11:15 p.m.18 views

CVE-2022-4103

The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorisation and CSRF checks when creating a template, and does not ensure that the post created is a template. This could allow any authenticated users, such as subscriber to create a post as well as any post type with an...

4.3CVSS4.7AI score0.00262EPSS
Exploits1References1
CVE
CVE
added 2023/01/09 10:13 p.m.53 views

CVE-2022-4103

CVE-2022-4103 affects the Royal Elementor Addons WordPress plugin (versions prior to 1.3.56). The root cause is lack of authorization and CSRF checks when creating a template, with no guarantee the created post is actually a template. This can allow any authenticated user (e.g., subscribers) to c...

4.3CVSS4.6AI score0.00262EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/09 10:13 p.m.4 views

CVE-2022-4103 Royal Elementor Addons < 1.3.56 - Subscriber+ Arbitrary Post Creation

The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorisation and CSRF checks when creating a template, and does not ensure that the post created is a template. This could allow any authenticated users, such as subscriber to create a post as well as any post type with an...

6.8AI score0.00262EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/01/09 10:13 p.m.27 views

CVE-2022-4103 Royal Elementor Addons < 1.3.56 - Subscriber+ Arbitrary Post Creation

The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorisation and CSRF checks when creating a template, and does not ensure that the post created is a template. This could allow any authenticated users, such as subscriber to create a post as well as any post type with an...

4.9AI score0.00262EPSS
Exploits1References1
Rows per page
Query Builder