Vulnerabilities > CVE-2023-47827 - Incorrect Authorization vulnerability in Nicheaddons Events Addon for Elementor

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

nicheaddons

CWE-863

NVD

Published: 2023-11-30

Updated: 2023-12-05

Summary

Incorrect Authorization vulnerability in NicheAddons Events Addon for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Events Addon for Elementor: from n/a through 2.1.3.

Vulnerable Configurations

Part	Description	Count
Application	Nicheaddons Nicheaddons Events Addon FOR Elementor 1.0 Nicheaddons Events Addon FOR Elementor 1.1 Nicheaddons Events Addon FOR Elementor 1.2 Nicheaddons Events Addon FOR Elementor 1.3 Nicheaddons Events Addon FOR Elementor 1.4 Nicheaddons Events Addon FOR Elementor 1.5 Nicheaddons Events Addon FOR Elementor 1.6 Nicheaddons Events Addon FOR Elementor 1.7 Nicheaddons Events Addon FOR Elementor 1.7.1 Nicheaddons Events Addon FOR Elementor 1.8 Nicheaddons Events Addon FOR Elementor 1.8.1 Nicheaddons Events Addon FOR Elementor 1.8.2 Nicheaddons Events Addon FOR Elementor 1.8.3 Nicheaddons Events Addon FOR Elementor 1.8.4 Nicheaddons Events Addon FOR Elementor 1.8.5 Nicheaddons Events Addon FOR Elementor 1.8.6 Nicheaddons Events Addon FOR Elementor 1.8.7 Nicheaddons Events Addon FOR Elementor 1.8.8 Nicheaddons Events Addon FOR Elementor 1.8.9 Nicheaddons Events Addon FOR Elementor 1.9 Nicheaddons Events Addon FOR Elementor 1.9.1 Nicheaddons Events Addon FOR Elementor 1.9.2 Nicheaddons Events Addon FOR Elementor 1.9.3 Nicheaddons Events Addon FOR Elementor 1.9.4 Nicheaddons Events Addon FOR Elementor 1.9.5 Nicheaddons Events Addon FOR Elementor 1.9.6 Nicheaddons Events Addon FOR Elementor 1.9.7 Nicheaddons Events Addon FOR Elementor 1.9.8 Nicheaddons Events Addon FOR Elementor 1.9.8.1 Nicheaddons Events Addon FOR Elementor 1.9.8.2 Nicheaddons Events Addon FOR Elementor 1.9.9 Nicheaddons Events Addon FOR Elementor 2.0.0 Nicheaddons Events Addon FOR Elementor 2.0.1 Nicheaddons Events Addon FOR Elementor 2.0.2 Nicheaddons Events Addon FOR Elementor 2.0.3 Nicheaddons Events Addon FOR Elementor 2.0.4 Nicheaddons Events Addon FOR Elementor 2.1.0 Nicheaddons Events Addon FOR Elementor 2.1.1 Nicheaddons Events Addon FOR Elementor 2.1.2 Nicheaddons Events Addon FOR Elementor 2.1.3	40

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://patchstack.com/database/vulnerability/events-addon-for-elementor/wordpress-events-addon-for-elementor-plugin-2-1-3-broken-access-control-vulnerability?_s_id=cve