CVE-2023-35046

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 13, 2024
CWE ID 862

Summary

CVE-2023-35046 is a Missing Authorization vulnerability affecting Dynamic Visibility for Elementor, a plugin used in WordPress websites. The flaw enables unauthorized access to functionalities that should be restricted based on incorrectly configured access control security levels. This issue poses a risk to any website running the affected plugin version from n/a to 5.0.5. An attacker could potentially exploit this vulnerability to gain unnecessary privileges and execute malicious actions. It is crucial for users to update their plugin to the latest available version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share