CVE-2023-6743

Name of the Vulnerable Software and Affected Versions The Unlimited Elements For Elementor plugin versions up to, and including, 1.5.89

Description The issue allows authenticated attackers with contributor access and above to execute code on the server via the template import functionality. This enables remote code execution, posing a significant risk.

Recommendations For versions up to, and including, 1.5.89, update to a version higher than 1.5.89 to resolve the issue. As a temporary workaround, consider restricting access to the template import functionality to minimize the risk of exploitation.