2 matches found
CVE-2024-10356 ElementsReady Addons for Elementor <= 6.4.8 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates
The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.4.8 in inc/Widgets/accordion/output/content.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
CVE-2024-10356
CVE-2024-10356 affects ElementsReady Addons for Elementor (WordPress). Remote code is not exposed; the issue is Sensitive Information Exposure due to insecure access control in inc/Widgets/accordion/output/content.php, exploitable by authenticated users with Contributor+ rights. The Red Hat/Wordf...