CVE-2023-6582

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 11, 2024
Updated: Jan 17, 2024

Summary

CVE-2023-6582 is a vulnerability affecting the ElementsKit Elementor addons plugin for WordPress. The issue, present in versions up to 3.0.3, allows unauthenticated attackers to access the contents of draft, private, or pending review posts, which should not be visible to the public. This exposure is due to a flaw in the ekit_widgetarea_content function, impacting posts created with Elementor only.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share