0.001 Low
EPSS
Percentile
38.1%
The plugin does not have authorisation and CSRF checks when importing templates, which could allow any authenticated user, such as subscriber to perform such action
www.wordfence.com/blog/2023/01/eleven-vulnerabilities-patched-in-royal-elementor-addons/