3 matches found
CVE-2023-6984 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.13 - Cross-Site Request Forgery
The PowerPack Addons for Elementor Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.13. This is due to missing or incorrect nonce validation in the...
CVE-2023-6984 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.13 - Cross-Site Request Forgery
The PowerPack Addons for Elementor Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.13. This is due to missing or incorrect nonce validation in the...
CVE-2023-6984
CVE-2023-6984 concerns PowerPack Addons for Elementor (WordPress). A CSRF vulnerability exists in all versions up to 2.7.13 due to missing/incorrect nonce validation in powerpack-lite-for-elementor/classes/class-pp-admin-settings.php, enabling unauthenticated attackers to modify plugin settings v...