This vulnerability involves missing authorization checks in The Plus Addons for Elementor Pro plugin by POSIMYTH Innovation, affecting versions before 6.3.7. The issue arises from incorrectly configured access control, potentially allowing an attacker with low privileges to perform unauthorized actions that impact system integrity. The CVSS 3.1 vector indicates network attack vector, low attack complexity, low privileges required, no user interaction, unchanged scope, no confidentiality impact, high integrity impact, and no availability impact. No official patch or vendor advisory details are provided in the data.

The vulnerability can lead to unauthorized modification or manipulation of data or functionality within the affected plugin, impacting the integrity of the system. Confidentiality and availability are not affected according to the CVSS vector. There are no known exploits in the wild, suggesting limited or no active exploitation at this time.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no patch or official fix information is provided, users should monitor POSIMYTH Innovation's advisories for updates. Until a fix is available, restrict access to the plugin's administrative functions to trusted users only to minimize risk.