2 matches found
CVE-2024-3249
CVE-2024-3249: The Zita Elementor Site Library plugin for WordPress is vulnerable to unauthorized data modification due to missing capability checks on import_xml_data, xml_data_import, import_option_data, import_widgets, and import_customizer_settings in all versions up to 1.6.2. Authenticated a...
WordPress Zita Elementor Site Library Plugin <= 1.6.2 is vulnerable to Broken Access Control
Software Zita Elementor Site Library Type Plugin Vulnerable versions = 1.6.2 Fixed in 1.6.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3249 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ee7892685efa Credits Lucio Sá Required...