2 matches found
CVE-2024-0512
CVE-2024-0512 affects Royal Elementor Addons and Templates for WordPress. The issue is CSRF due to missing or improper nonce validation in the add_to_wishlist function, allowing unauthenticated attackers to forge requests to add items to user wishlists. Affected versions are up to and including 1...
WordPress Royal Elementor Addons Plugin <= 1.3.87 is vulnerable to Cross Site Request Forgery (CSRF)
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.87 Fixed in 1.3.88 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0512 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID 883b845e41ec Credits Francesco Carlucci...