CVE-2024-6626

Name of the Vulnerable Software and Affected Versions EleForms – All In One Form Integration including DB for Elementor plugin for WordPress versions up to, and including, 2.9.9.9

Description The issue is related to unauthorized access of data due to a missing capability check on several functions. This allows unauthenticated attackers to view form submissions.

Recommendations For versions up to, and including, 2.9.9.9, update to a version higher than 2.9.9.9 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.