cleantalk
Vulnerabilities and Security Researches

Eleblog – Elementor Blog And Magazine Addons, CVE-2024-10663

CVE, Research URL

CVE-2024-10663

Home page URL

Security reports for Eleblog – Elementor Blog And Magazine Addons

Application

Eleblog – Elementor Blog And Magazine Addons

Published on
Dec 04, 2024
Research Description
The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the goodbye_form_callback() function in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to submit a deactivation reason.
Affected versions
max 1.8.
Status
vulnerable
Previous vulnerability researches
Eleblog – Elementor Blog And Magazine Addons (CVE-2025-69374) , Feb 27, 2026
Eleblog – Elementor Blog And Magazine Addons (CVE-2024-10663) , Dec 06, 2024
Eleblog – Elementor Blog And Magazine Addons (CVE-2024-33945) , Jun 06, 2024
New vulnerability
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin (CVE-2026-24951) , Feb 27, 2026
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin (CVE-2026-27440) , Feb 27, 2026
eDS Responsive Menu (CVE-2025-68845) , Feb 27, 2026
s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription (CVE-2025-13732) , Feb 27, 2026
Run Contests, Raffles, and Giveaways with ContestsWP (CVE-2026-25023) , Feb 27, 2026