{"id":81784,"date":"2026-07-10T10:46:28","date_gmt":"2026-07-10T07:16:28","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-12276-la-studio-element-kit-for-elementor-1-6-1-unauthenticated-open-registration\/"},"modified":"2026-07-10T10:46:28","modified_gmt":"2026-07-10T07:16:28","slug":"cve-2026-12276-la-studio-element-kit-for-elementor-1-6-1-unauthenticated-open-registration","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-12276-la-studio-element-kit-for-elementor-1-6-1-unauthenticated-open-registration\/","title":{"rendered":"CVE-2026-12276 &#8211; LA-Studio Element Kit for Elementor &lt; 1.6.1 &#8211; Unauthenticated Open Registration"},"content":{"rendered":"<p>CVE ID :CVE-2026-12276<\/p>\n<p>  Published : July 10, 2026, 7:16 a.m. | 32\u00a0minutes ago<\/p>\n<p>  Description :The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when registration has been disabled site-wide.<\/p>\n<p>  Severity: 0.0 | NA<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-12276 Published : July 10, 2026, 7:16 a.m. | 32\u00a0minutes ago Description :The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-81784","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/81784","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=81784"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/81784\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=81784"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=81784"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=81784"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}