The Master Addons for Elementor plugin on WordPress has a flaw that allows unauthorized changes to be made to the data. This is because the function get_jltma_save_menuitem_settings in versions 2.0.5.4.1 and below does not have a check for capabilities. This means that attackers who are not logged in can make changes to menu items.