HT Mega – Absolute Addons For Elementor <= 2.5.2 - Missing Authorization to Options Update
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'ajax_dismiss' function in versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update options such as users_can_register, which can lead to unauthorized user registration. But this is kind of pointless as you need a registered user to open registration but if you know of another value that can be set to true in the options this would enable it.
Severity: medium
CVE ID: CVE-2024-4875
CVSS Score: 4.3
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Plugin Slug: ht-mega-for-elementor
WPScan URL: https://www.wpscan.com/plugin/ht-mega-for-elementor
Reference URL: https://www.wordfence.com/threat-intel/vulnerabilities/id/bdd3868a-d741-42b4-bc7f-6fb5d33bb71b