0.002 Low
EPSS
Percentile
55.2%
The plugin does not have authorisation and CSRF checks when activating themes, which could allow any authenticated user, such as subscriber to perform such action
www.wordfence.com/blog/2023/01/eleven-vulnerabilities-patched-in-royal-elementor-addons/