Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/22 9:31 a.m.14 views

CVE-2024-13855

The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the paeglobalblock shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

4.3CVSS6.5AI score0.00309EPSS
Exploits0References1
NVD
NVD
added 2025/02/20 10:15 a.m.9 views

CVE-2024-13855

The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the paeglobalblock shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

4.3CVSS0.00309EPSS
Exploits0References3
CVE
CVE
added 2025/02/20 9:21 a.m.54 views

CVE-2024-13855

CVE-2024-13855 affects Prime Addons for Elementor (WordPress) via Insecure Direct Object Reference in pae_global_block. From Wordfence data: all versions up to 2.0.1 are vulnerable; exploitation requires authenticated access at Contributor level or higher to extract information from non-public po...

4.3CVSS4.4AI score0.00309EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/20 9:21 a.m.6 views

CVE-2024-13855 Prime Addons for Elementor <= 2.0.1 - Authenticated (Contributor+) Insecure Direct Object Reference via pae_global_block Shortcode

The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the paeglobalblock shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

4.3CVSS4.4AI score0.00309EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/20 9:21 a.m.21 views

CVE-2024-13855 Prime Addons for Elementor <= 2.0.1 - Authenticated (Contributor+) Insecure Direct Object Reference via pae_global_block Shortcode

The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the paeglobalblock shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

4.3CVSS0.00309EPSS
Exploits0References3
Rows per page
Query Builder