EPSS
Percentile
26.3%
The plugin does not have authorisation and CSRF checks when updating the mega menu settings, which could allow any authenticated user, such as subscriber to perform such action
www.wordfence.com/blog/2023/01/eleven-vulnerabilities-patched-in-royal-elementor-addons/