Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.6.
8.8CVSS
4.7AI Score
0.001EPSS
Local File Inclusion vulnerability in LA-Studio LA-Studio Element Kit for Elementor via "LaStudioKit Progress Bar" widget in New Post, specifically in the "progress_type" attribute.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.8.1.
8.5CVSS
8.5AI Score
0.0004EPSS
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitra...
8.8CVSS
8.9AI Score
0.001EPSS