La Studio Element Kit For Elementor
Monthly
Local File Inclusion in the LA-Studio Element Kit for Elementor WordPress plugin (all versions through 1.6.1) lets authenticated contributors and above coerce the get_type_template function into including arbitrary server-side .php files, enabling access-control bypass, sensitive data disclosure, and full PHP code execution where an attacker can plant a .php file. Reported by Wordfence with a CVSS 3.1 base score of 7.5; no public exploit identified at time of analysis and it is not listed in CISA KEV. The flaw stems from wp_normalize_path being relied upon for path safety even though it only canonicalizes separators and never rejects traversal sequences.
Unauthenticated account registration bypass in the LA-Studio Element Kit for Elementor WordPress plugin (all versions before 1.6.1) allows remote, unauthenticated attackers to create WordPress user accounts on sites where site-wide registration has been explicitly disabled by the administrator. The vulnerable component is an unauthenticated AJAX action handler that omits the standard WordPress registration-status check, effectively nullifying an administrative security control. A publicly available proof-of-concept exists via WPScan, and a vendor patch is available in version 1.6.1; no confirmed active exploitation (CISA KEV) has been recorded at time of analysis.
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.4 via the 'elementor-template' shortcode due to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LinkWrapper attribute found in several widgets in all versions up to, and including,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Local File Inclusion in the LA-Studio Element Kit for Elementor WordPress plugin (all versions through 1.6.1) lets authenticated contributors and above coerce the get_type_template function into including arbitrary server-side .php files, enabling access-control bypass, sensitive data disclosure, and full PHP code execution where an attacker can plant a .php file. Reported by Wordfence with a CVSS 3.1 base score of 7.5; no public exploit identified at time of analysis and it is not listed in CISA KEV. The flaw stems from wp_normalize_path being relied upon for path safety even though it only canonicalizes separators and never rejects traversal sequences.
Unauthenticated account registration bypass in the LA-Studio Element Kit for Elementor WordPress plugin (all versions before 1.6.1) allows remote, unauthenticated attackers to create WordPress user accounts on sites where site-wide registration has been explicitly disabled by the administrator. The vulnerable component is an unauthenticated AJAX action handler that omits the standard WordPress registration-status check, effectively nullifying an administrative security control. A publicly available proof-of-concept exists via WPScan, and a vendor patch is available in version 1.6.1; no confirmed active exploitation (CISA KEV) has been recorded at time of analysis.
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.4 via the 'elementor-template' shortcode due to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LinkWrapper attribute found in several widgets in all versions up to, and including,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.