Vulnerability Details CVE-2024-0516
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to unauthorized post metadata update due to a missing capability check on the wpr_update_form_action_meta function in all versions up to, and including, 1.3.87. This makes it possible for unauthenticated attackers to update certain metadata.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.5%
CVSS Severity
CVSS v3 Score 5.3
References
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88
- https://www.wordfence.com/threat-intel/vulnerabilities/id/d3457b87-c860-4cf2-ac3d-2c6521b629ea?source=cve
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88
- https://www.wordfence.com/threat-intel/vulnerabilities/id/d3457b87-c860-4cf2-ac3d-2c6521b629ea?source=cve
Products affected by CVE-2024-0516
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:-
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.0
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.2
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.2
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.21
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.22
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.23
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.25
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.26
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.27
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.28
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.29
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.30
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.32
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.33
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.34
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.36
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.37
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.38
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.39
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.40
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.42
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.43
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.44
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.45
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.46
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.47
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.48
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.49
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.50
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.51
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.56
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.58
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.59
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.60
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.61
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.62
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.63
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.64
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.65
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.66
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.67
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.68
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.69
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.70
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.71
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.75
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.76
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.77
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.78
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.79
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.80
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.81
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.82
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.83
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.84
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.85
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.86
-
cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:1.3.87