VYPR
Unrated severityNVD Advisory· Published May 17, 2020· Updated Aug 4, 2024

CVE-2020-13125

CVE-2020-13125

Description

An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.