CVE-2024-12110
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2024-12110 is a vulnerability affecting the Gold Addons for Elementor plugin for WordPress. This issue stems from the lack of capability checks on the activate() and deactivate() functions, present in all versions up to 1.3.2. Consequently, authenticated attackers with Subscriber-level access or higher can exploit this weakness to make unauthorized modifications to the data, including activating and deactivating licenses. This vulnerability poses a significant risk to WordPress sites utilizing the Gold Addons for Elementor plugin, emphasizing the importance of timely updates to maintain cybersecurity.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Gold Addons For Elementor Plugin
Affected Vendors
- WordPress