Tag
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to local file inclusion (LFI) via the 'path' parameter in the 'get_content' AJAX action, allowing authenticated attackers with Author-level access or higher to include and execute arbitrary PHP files, leading to potential code execution.