Security Advisory

CVE-2020-13125

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-05-17 00:39:00
Last updated 2024-08-04 12:11:19
Assigner mitre
State PUBLISHED

Description

An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled.