CVEs-PoC/2021/CVE-2021-4446.md at 9fdf63f72aaf69c2cfcdf003f210c221cc422aaa

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-15 15:58:01 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in versions up to and including 4.6.4 due to missing capability checks and nonce disclosure. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to perform many unauthorized actions such as changing settings and installing arbitrary plugins.

POC

Reference

No PoCs from references.

Github

https://github.com/20142995/nuclei-templates
https://github.com/ARPSyndicate/cve-scores
https://github.com/cyb3r-w0lf/nuclei-template-collection

1.1 KiB Raw Blame History

CVE-2021-4446

Description

POC

Reference

Github

1.1 KiB

Raw Blame History