What is CVE-2024-2619?

CVE-2024-2619 is a medium-severity vulnerability in Brainstormforce Ultimate Addons For Elementor, classified under Missing Authorization. CVSS score: 5.0/10. Published 2024-05-16.

How severe is CVE-2024-2619?

Medium severity. CVSS v3 base score is 5.0 out of 10.

Auth bypass in Brainstormforce Ultimate Addons For Elementor

CVE-2024-2619

The Elementor Header & Footer Builder for WordPress is vulnerable to HTML Injection in all versions up to, and including, 1.6.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers…

Vulnerability class: Broken Access Control

EPSS: 0.002 (37.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.0 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N.

Affected products

Brainstormforce Ultimate Addons For Elementor — versions 0

Weakness classification (CWE)

CWE-862 — Missing Authorization

References

Frequently asked questions

What is CVE-2024-2619?: CVE-2024-2619 is a medium-severity vulnerability in Brainstormforce Ultimate Addons For Elementor, classified under Missing Authorization. CVSS score: 5.0/10. Published 2024-05-16.
How severe is CVE-2024-2619?: Medium severity. CVSS v3 base score is 5.0 out of 10.