5 matches found
CVE-2024-13855
The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the paeglobalblock shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2024-13855
The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the paeglobalblock shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2024-13855
CVE-2024-13855 affects Prime Addons for Elementor (WordPress) via Insecure Direct Object Reference in pae_global_block. From Wordfence data: all versions up to 2.0.1 are vulnerable; exploitation requires authenticated access at Contributor level or higher to extract information from non-public po...
CVE-2024-13855 Prime Addons for Elementor <= 2.0.1 - Authenticated (Contributor+) Insecure Direct Object Reference via pae_global_block Shortcode
The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the paeglobalblock shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2024-13855 Prime Addons for Elementor <= 2.0.1 - Authenticated (Contributor+) Insecure Direct Object Reference via pae_global_block Shortcode
The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the paeglobalblock shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...