CVE-2024-12110

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 6, 2024
CWE ID 862

Summary

CVE-2024-12110 is a vulnerability affecting the Gold Addons for Elementor plugin for WordPress. This issue stems from the lack of capability checks on the activate() and deactivate() functions, present in all versions up to 1.3.2. Consequently, authenticated attackers with Subscriber-level access or higher can exploit this weakness to make unauthorized modifications to the data, including activating and deactivating licenses. This vulnerability poses a significant risk to WordPress sites utilizing the Gold Addons for Elementor plugin, emphasizing the importance of timely updates to maintain cybersecurity.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Gold Addons For Elementor Plugin

Affected Vendors

  • WordPress