3 matches found
CVE-2024-10326 RomethemeKit For Elementor <= 1.5.3 - Missing Authorization in save_options and reset_widgets
The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveoptions and resetwidgets functions in all versions up to, and including, 1.5.3. This makes it possible for authenticated attackers, with...
CVE-2024-10326
CVE-2024-10326 – RomethemeKit for Elementor (WordPress) : The vulnerability is caused by a missing capability check in the save_options and reset_widgets functions, affecting all versions up to 1.5.3. This allows authenticated attackers with Subscriber-level access and above to modify plugin sett...
CVE-2024-10326 RomethemeKit For Elementor <= 1.5.3 - Missing Authorization in save_options and reset_widgets
The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveoptions and resetwidgets functions in all versions up to, and including, 1.5.3. This makes it possible for authenticated attackers, with...