CVE-2023-6582
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Jan 11, 2024
Updated: Jan 17, 2024
Summary
CVE-2023-6582 is a vulnerability affecting the ElementsKit Elementor addons plugin for WordPress. The issue, present in versions up to 3.0.3, allows unauthenticated attackers to access the contents of draft, private, or pending review posts, which should not be visible to the public. This exposure is due to a flaw in the ekit_widgetarea_content function, impacting posts created with Elementor only.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share