2 matches found
CVE-2023-4690
CVE-2023-4690 affects the Elementor Addon Elements plugin for WordPress (versions
CVE-2023-4690 Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery
The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. This is due to missing or incorrect nonce validation on the eaesaveconfig function. This makes it possible for unauthenticated attackers to change configuration...