Posimyth - The Plus Addons For Elementor CVE

Filtered by vendor Posimyth Subscribe

Filtered by product The Plus Addons For Elementor

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-24948	1 Posimyth	1 The Plus Addons For Elementor	2022-01-18	5.0 MEDIUM	7.5 HIGH
The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts

Vulnerabilities (CVE)