Vulnerability in La-studio Element Kit For Elementor
CVE-2026-12276
The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated atta…
CVSS v3 metric
CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.
Affected products
- Unknown La-studio Element Kit For Elementor — versions 0
References
- contact@wpscan.com (technical-description, exploit, vdb-entry)
Frequently asked questions
- What is CVE-2026-12276?
- CVE-2026-12276 is a medium-severity vulnerability in La-studio Element Kit For Elementor, classified under CWE-863 INCORRECT AUTHORIZATION. CVSS score: 5.3/10. Published 2026-07-10.
- How severe is CVE-2026-12276?
- Medium severity. CVSS v3 base score is 5.3 out of 10.