A plugin called “Cowidgets – Elementor Addons” for WordPress has a security issue where it can include files from the server without proper authorization. This means that people with Contributor-level access or higher can potentially run any code they want on the server. This can be used to get around security measures, access private information, or even run malicious code.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
