CVE-2024-0766 | envothemes Elementor Templates & Widgets for WooCommerce Plugin Template templates_ajax_request access control

Posted by Angelo Barbosa | Feb 28, 2024 | CVE

A vulnerability has been found in envothemes Elementor Templates & Widgets for WooCommerce Plugin up to 1.4.4 on WordPress and classified as critical. This vulnerability affects the function templates_ajax_request of the component Template Handler. The manipulation leads to improper access controls.

This vulnerability was named CVE-2024-0766. The attack can be initiated remotely. There is no exploit available.

CVE-2024-0766 | envothemes Elementor Templates & Widgets for WooCommerce Plugin Template templates_ajax_request access control

Related Posts

CVE-2024-1018 | PbootCMS 3.2.5-20230421 name cross site scripting

CVE-2024-38257 | Microsoft Windows up to Server 2022 23H2 AllJoyn API uninitialized resource

CVE-2023-7015 | File Manager Pro Plugin up to 8.3.4 on WordPress cross site scripting

CVE-2024-3181 | Concrete CMS up to 8.5.15/9.2.7 Search Field os command injection