Description
WordPress Plugin Elementor Addon Elements is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Elementor Addon Elements version 1.11.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.11.8 or latest
References
Related Vulnerabilities
WordPress Plugin BuddyPress Cross-Site Request Forgery (2.9.0)
Contao Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-10641)
PHP Other Vulnerability (CVE-2014-4698)
WordPress Plugin Pay Per Media Player Multiple Cross-Site Scripting Vulnerabilities (1.24)
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15730)