2 matches found
CVE-2024-0835
The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissedhandler function in all versions up to, and including, 1.0.116. This makes it possible for authenticated attackers, with subscriber access or...
CVE-2024-0835
CVE-2024-0835 affects the Royal Elementor Kit theme for WordPress. A missing capability check in the dismissed_handler function (versions up to and including 1.0.116) allows authenticated attackers with subscriber access or higher to update transients to true. Impact is limited to transients; no ...