CVE-2026-12276 - LA-Studio Element Kit for Elementor < 1.6.1 - Unauthenticated Open Registration
CVE ID :CVE-2026-12276
Published : July 10, 2026, 6 a.m. | 46 minutes ago
Description :The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when registration has been disabled site-wide.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : July 10, 2026, 6 a.m. | 46 minutes ago
Description :The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when registration has been disabled site-wide.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...