CVE-2022-4102

The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF checks when deleting a template and does not ensure that the post to be deleted is a template. This could allow any authenticated users, such as subscribers, to delete arbitrary posts assuming they know the related slug.

CVSS v3 3.1 LOW

3.1^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.6 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://wpscan.com/vulnerability/c177f763-0bb5-4734-ba2e-7ba816578937	Exploit Third Party Advisory
https://wpscan.com/vulnerability/c177f763-0bb5-4734-ba2e-7ba816578937	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 07:34

Type	Values Removed	Values Added
References	~~() https://wpscan.com/vulnerability/c177f763-0bb5-4734-ba2e-7ba816578937 - Exploit, Third Party Advisory~~	() https://wpscan.com/vulnerability/c177f763-0bb5-4734-ba2e-7ba816578937 - Exploit, Third Party Advisory
Summary		(es) El complemento Royal Elementor Addons de WordPress anterior a 1.3.56 no tiene autorización y verifica CSRF al eliminar una plantilla y no garantiza que la publicación que se eliminará sea una plantilla. Esto podría permitir que cualquier usuario autenticado, como suscriptores, elimine publicaciones arbitrarias, asumiendo que conocen el slug relacionado.

27 Jun 2023, 15:35

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-01-09 23:15

Updated : 2025-04-09 19:15

NVD link : CVE-2022-4102

Mitre link : CVE-2022-4102

CVE.ORG link : CVE-2022-4102

JSON object : View

Products Affected

royal-elementor-addons

royal_elementor_addons

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

CWE-862

Missing Authorization

{"id": "CVE-2022-4102", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.6}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.6}]}, "published": "2023-01-09T23:15:27.247", "references": [{"url": "https://wpscan.com/vulnerability/c177f763-0bb5-4734-ba2e-7ba816578937", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}, {"url": "https://wpscan.com/vulnerability/c177f763-0bb5-4734-ba2e-7ba816578937", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}, {"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF checks when deleting a template and does not ensure that the post to be deleted is a template. This could allow any authenticated users, such as subscribers, to delete arbitrary posts assuming they know the related slug."}, {"lang": "es", "value": "El complemento Royal Elementor Addons de WordPress anterior a 1.3.56 no tiene autorizaci\u00f3n y verifica CSRF al eliminar una plantilla y no garantiza que la publicaci\u00f3n que se eliminar\u00e1 sea una plantilla. Esto podr\u00eda permitir que cualquier usuario autenticado, como suscriptores, elimine publicaciones arbitrarias, asumiendo que conocen el slug relacionado."}], "lastModified": "2025-04-09T19:15:45.093", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "16021B7A-85DD-4EE8-9BAB-D1743D21BDDD", "versionEndExcluding": "1.3.56"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}