2 matches found
WordPress Essential Addons for Elementor Plugin <= 5.9.13 is vulnerable to PHP Object Injection
Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.13 Fixed in 5.9.14 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-3018 Patch priority Low CVSS severity Low 8 Developer WPDeveloper PSID b599dd4e668d Credits Ngô Thiên An ancorn Required...
CVE-2024-3018
The Essential Addons for Elementor plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.9.13 via deserialization of untrusted input from the 'errorresetpassword' attribute of the "Login | Register Form" widget disabled by default. This makes it possib...