2 matches found
CVE-2022-4709
The CVE-2022-4709 entry concerns the WordPress plugin Royal Elementor Addons. Affected versions up to and including 1.3.59 expose insufficient access control in the wpr_import_library_template AJAX action, allowing any authenticated user, including subscribers, to import and activate templates fr...
WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4709 Patch priority Medium CVSS severity Medium 4.3 Developer WProyal PSID 62fe02ed7ac4 Credits Ramuel Gall Required...