Lucene search
K

4 matches found

GithubExploit
GithubExploit
added 2026/04/18 7:43 p.m.168 views

Exploit for CVE-2026-0920

CVE-2026-0920- LA-Studio Element Kit for Elementor = 1.5.6...

9.8CVSS6AI score0.01078EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2026/02/18 12:0 a.m.10 views

WordPress Plugin 'LA Studio Element Kit for Elementor' < 1.6.0 Unauthenticated Privilege Escalation via Backdoor

The WordPress application running on the remote host has a version of the 'LA Studio Element Kit for Elementor' plugin that is prior to 1.6.0. It is, therefore, affected by an unauthenticated privilege escalation vulnerability. The plugin contains a backdoor that allows unauthenticated attackers ...

9.8CVSS5.9AI score0.01078EPSS
Exploits5References3
RedhatCVE
RedhatCVE
added 2026/01/23 9:18 a.m.9 views

CVE-2026-0920

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajaxregisterhandle' function not restricting what user roles a user can register with. This makes it possible for...

9.8CVSS5.5AI score0.01078EPSS
Exploits5References1
Cvelist
Cvelist
added 2026/01/22 6:47 a.m.76 views

CVE-2026-0920 LA-Studio Element Kit for Elementor <= 1.5.6.3 - Unauthenticated Privilege Escalation via Backdoor to Administrative User Creation via lakit_bkrole parameter

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajaxregisterhandle' function not restricting what user roles a user can register with. This makes it possible for...

9.8CVSS0.01078EPSS
Exploits5References3
Rows per page
Query Builder