CVE-2023-32245 MEDIUM

CVE-2023-32245: WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Server Side Request Forgery (SSRF)

Vendor Wpdeveloper
Product Essential Addons for Elementor Pro
Weakness CWE-352 · CSRF
Published November 18, 2023
Last update April 28, 2026

CVSS base score

5.4/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Essential Addons for Elementor Pro.This issue affects Essential Addons for Elementor Pro: from n/a through 5.4.8.

Key dates

02Disclosure timeline

November 18, 2023 CVE published
April 28, 2026 Record updated