Metrics
Affected Vendors & Products
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Mon, 15 Dec 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Mon, 15 Dec 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Elementor
Elementor elementor Royal-elementor-addons Royal-elementor-addons royal Elementor Addons Wordpress Wordpress wordpress |
|
| Vendors & Products |
Elementor
Elementor elementor Royal-elementor-addons Royal-elementor-addons royal Elementor Addons Wordpress Wordpress wordpress |
Mon, 15 Dec 2025 06:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Royal Addons for Elementor WordPress plugin before 1.7.1037 does not have proper authorisation, allowing unauthenticated users to upload media files via the wpr_addons_upload_file action. | |
| Title | Royal Elementor Addons and Templates < 1.7.1037 - Unauthenticated Media File Upload | |
| References |
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2025-12-15T14:43:32.956Z
Reserved: 2025-10-06T12:38:04.177Z
Link: CVE-2025-11363
Vulnrichment
Updated: 2025-12-15T14:43:15.545Z
NVD
Status : Received
Published: 2025-12-15T06:15:42.383
Modified: 2025-12-15T15:15:46.920
Link: CVE-2025-11363
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-12-15T14:05:29Z
No weakness.