The Happy Addons for Elementor plugin for WordPress has a security issue that allows unauthorized access to data. This is because the add_row_actions() function in versions 3.10.1 and below does not have a capability check. This means that attackers who are logged in with contributor-level access or higher can make copies of any post, even ones with password protection. This could potentially give them access to restricted content within those posts.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)
