Description

The Happy Addons for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to insufficient authorization on the duplicate_thing() function in all versions up to, and including, 3.10.4. This makes it possible for attackers, with contributor-level access and above, to clone arbitrary posts (including private and password protected ones) which may lead to information exposure.

INFO

Published Date :

2024-04-09T18:59:14.618Z

Last Modified :

2026-04-08T17:15:43.804Z

Source :

Wordfence
AFFECTED PRODUCTS

The following products are affected by CVE-2024-1387 vulnerability.

Vendors Products
Leevio
  • Happy Addons For Elementor

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact