cleantalk
Vulnerabilities and Security Researches

Royal Elementor Addons and Templates, 70e3861f811c847c408946a4394074851b3e632a

CVE, Research URL

70e3861f811c847c408946a4394074851b3e632a

Home page URL

Security reports for Royal Elementor Addons and Templates

Application

Royal Elementor Addons and Templates

Published on
Dec 06, 2022
Research Description
Royal Elementor Addons and Templates [royal-elementor-addons] < 1.3.33 Royal Elementor Addons <= 1.3.55 - Cross-Site Request Forgery The Royal Elementor Addons plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.55. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to invoke those functions via forged request granted they can trick a site administrator into performing an action such as clicking on a link. This may lead to template creation and deletion.
Affected versions
Min -, max 1.3.33.
Status
vulnerable
Previous vulnerability researches
Royal Elementor Addons and Templates (70e3861f811c847c408946a4394074851b3e632a) , Jun 07, 2024
Royal Elementor Addons and Templates (CVE-2022-4702) , Jun 07, 2024
Royal Elementor Addons and Templates (CVE-2022-4102) , Jun 07, 2024
Royal Elementor Addons and Templates (CVE-2022-4710) , Jun 07, 2024
Royal Elementor Addons and Templates (CVE-2025-26990) , Apr 16, 2025
New vulnerability
Royal Elementor Addons and Templates (CVE-2025-26990) , Apr 16, 2025
TS Poll &#8211; Best Poll Plugin for WordPress (CVE-2025-3470) , Apr 16, 2025
Contact Form 7 (CVE-2025-3247) , Apr 16, 2025
Logo Carousel Gutenberg Block (CVE-2025-2083) , Apr 16, 2025
My auctions allegro (CVE-2025-27009) , Apr 16, 2025