Lucene search
K

129 matches found

NVD
NVD
added 3 days ago7 views

CVE-2026-15338

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.1 via the gettypetemplate function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute...

7.5CVSS0.00565EPSS
Exploits0References7
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-15338 LA-Studio Element Kit for Elementor <= 1.6.1 - Authenticated (Contributor+) Local File Inclusion via 'progress_type' Widget Setting

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.1 via the gettypetemplate function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute...

7.5CVSS0.00565EPSS
Exploits0References7
CVE
CVE
added 3 days ago17 views

CVE-2026-15338

CVE-2026-15338 concerns the LA-Studio Element Kit for Elementor plugin for WordPress. Affected: all versions up to 1.6.1. Issue: Local File Inclusion via the get_type_template function in the progress_type widget setting. Exploitation requires authenticated access at contributor level or higher, ...

7.5CVSS6.5AI score0.00565EPSS
Exploits0References7
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-43126

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.1 via the gettypetemplate function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute...

7.5CVSS6.5AI score0.00565EPSS
Exploits0References7
NVD
NVD
added 4 days ago7 views

CVE-2026-12276

The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when registration has...

5.3CVSS0.00182EPSS
Exploits0References1
CVE
CVE
added 4 days ago8 views

CVE-2026-12276

Affected software: LA-Studio Element Kit for Elementor WordPress plugin

5.3CVSS5.8AI score0.00182EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42829

The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when registration has...

5.3CVSS6AI score0.00182EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-12276

The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when registration has...

5.3CVSS6AI score0.00182EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-12276 LA-Studio Element Kit for Elementor < 1.6.1 - Unauthenticated Open Registration

The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when registration has...

0.00182EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/18 12:0 a.m.10 views

WordPress Plugin 'LA Studio Element Kit for Elementor' < 1.6.0 Unauthenticated Privilege Escalation via Backdoor

The WordPress application running on the remote host has a version of the 'LA Studio Element Kit for Elementor' plugin that is prior to 1.6.0. It is, therefore, affected by an unauthenticated privilege escalation vulnerability. The plugin contains a backdoor that allows unauthenticated attackers ...

9.8CVSS5.9AI score0.01078EPSS
Exploits5References3
RedhatCVE
RedhatCVE
added 2026/02/04 7:28 p.m.5 views

CVE-2026-24947

Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.5.6.3...

4.3CVSS5.3AI score0.00197EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 3:16 p.m.22 views

CVE-2026-24947

Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.5.6.3...

4.3CVSS0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/03 2:8 p.m.7 views

EUVD-2026-5217

Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.5.6.3...

4.3CVSS5.3AI score0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 2:8 p.m.4 views

CVE-2026-24947

Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.5.6.3...

5.3AI score0.00197EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 2:8 p.m.28 views

CVE-2026-24947 WordPress LA-Studio Element Kit for Elementor plugin < 1.5.6.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.5.6.3...

4.3CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 2:8 p.m.12 views

CVE-2026-24947

The CVE-2026-24947 affects WordPress plugin LA-Studio Element Kit for Elementor (LA-Studio Element Kit). Affected versions are prior to 1.5.6.3. The issue is a broken access control due to a missing authorization check, allowing exploitation via insufficient access controls. Remediation is to upg...

4.3CVSS5.3AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 2:8 p.m.6 views

CVE-2026-24947 WordPress LA-Studio Element Kit for Elementor plugin < 1.5.6.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.5.6.3...

4.3CVSS5.3AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.9 views

WordPress plugin LA-Studio Element Kit for Elementor 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

4.3CVSS5.8AI score0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.8 views

PT-2026-6220

Name of the Vulnerable Software and Affected Versions LA-Studio Element Kit for Elementor versions prior to 1.5.6.3 Description An issue exists in LA-Studio Element Kit for Elementor related to incorrectly configured access control security levels, potentially allowing unauthorized access. The...

4.3CVSS5.4AI score0.00197EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/02/02 8:14 a.m.8 views

WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.8.1 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by stealthcopter in WordPress Plugin LA-Studio Element Kit for Elementor versions = 1.3.8.1...

8.8CVSS5.3AI score0.00955EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder