WordPress Plugin Vulnerabilities

Royal Addons for Elementor < 1.7.1050 - Author+ Arbitrary File Upload

Description

The plugin is vulnerable to arbitrary file upload due to insufficient file type validation detecting files named main.php, allowing a file with such a name to bypass sanitization. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Affects Plugins

Plugin icon
royal-elementor-addons
Fixed in 1.7.1050

References

CVE
CVE-2025-13067
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/3edfc4af-2a28-4bdf-becf-018d9f656947

Miscellaneous

Original Researcher
mikemyers
Verified
No
WPVDB ID
c8cdeb36-03de-450f-9f63-75ef7217c518

Timeline

Publicly Published
2026-03-10 (about 2 months ago)
Added
2026-03-10 (about 2 months ago)
Last Updated
2026-03-10 (about 2 months ago)

Other

Published
Title
Published
2024-03-07
Title
Elite Booster for WooCommerce < 7.1.8 - Authenticated (Subscriber+) Arbitrary File Upload
Published
2024-05-13
Title
Kognetiks Chatbot for WordPress < 2.0.1 - Unauthenticated Arbitrary File Upload
Published
2021-10-13
Title
Brizy < 2.3.12 - Authenticated File Upload and Path Traversal
Published
2016-02-08
Title
WP User Frontend <= 2.3.10 - Unrestricted File Upload
Published
2023-02-13
Title
WooCommerce Checkout Field Manager < 18.0 - Unauthenticated Arbitrary File Upload