Lucene search
WpvulndbWPVDB-ID:C431BD21-D2DC-4EDC-A5E0-A8E0BDD6D069HistoryNov 04, 2022 - 12:00 a.m.
Jeg Elementor Kit < 2.5.7 - Unauthenticated Settings Update
2022-11-0400:00:00
wpscan.com
10
elementor
unauthenticated
settings update
0.001 Low
EPSS
Percentile
49.4%
The plugin does not have authorisation check when updating its settings, which could allow unauthenticated users, such as subscriber to update them (such as the change the MailChimp API key, 404 page settings etc)
| CPE | Name | Operator | Version |
|---|---|---|---|
| jeg-elementor-kit | lt | 2.5.7 |
Related
prion
prion
Authorization
2022-12-22 21:15:00
nvd
nvd
CVE-2022-3805
2022-12-22 21:15:10
cvelist
cvelist
CVE-2022-3805
2022-12-22 20:26:49
cve
cve
CVE-2022-3805
2022-12-22 21:15:10