CVE-2024-6824
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2024-6824 is a vulnerability affecting the Premium Addons for Elementor plugin used in WordPress sites. This issue allows authenticated attackers with Contributor-level access or higher to bypass capability checks on the 'check_temp_validity' and 'update_template_title' functions, leading to unauthorized modification and deletion of content, as well as the update of post and page titles in all versions up to and including 4.10.38. This could potentially result in significant data loss and compromise for affected websites. Users are advised to update the plugin to a patched version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.