ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Ultimate Addons for Elementor plugin <= 1.20.0 - Authentication Bypass vulnerability

Product
Ultimate Addons for Elementor
Description
Authentication Bypass vulnerability found by MalCare in WordPress Ultimate Addons for Elementor plugin (versions <= 1.20.0).
Solution
Update the WordPress Ultimate Addons for Elementor plugin to the latest available version (at least 1.20.1).
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.20.0
Fixed In 1.20.1
Disclosure date
2019-12-12
Credits
MalCare
Submitter
ThreatPress