Royal Elementor Kit
Approved changes feed: RSS · Atom
cpe:2.3:a:wproyal:royal_elementor_kit:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Wproyal (793f1007-f055-53cd-81c3-35337836018d) |
|---|---|
| Product | Royal Elementor Kit (ea61f0e0-8d13-51f6-8ef3-0f46b2335c3d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-32773 |
vulnerable | 2026-06-08 06:37:23.956324 |
WordPress Royal Elementor Kit theme <= 1.0.116 - Cross Site Request Forgery (CSRF) vulnerability
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Royal Elementor Kit.This issue affects Royal Elementor Kit: from n/a through 1.0.116.
Published: 2024-04-24T14:58:17.292Z
Updated: 2026-04-28T16:09:40.073Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0835 |
vulnerable | 2026-06-08 06:22:02.953958 |
Royal Elementor Kit <= 1.0.116 - Missing Authorization to Arbitrary Transient Update
MEDIUM (4.3)
The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissed_handler function in all versions up to, and including, 1.0.116. This makes it possible for authenticated attackers, with subscriber access or higher, to update arbitrary transients. Note, that these transients can only be updated to true and not arbitrary values.
Published: 2024-02-05T21:21:45.292Z
Updated: 2026-04-08T16:56:33.487Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.