CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
9.0%
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 5.9.13 via the load_more function. This can allow unauthenticated attackers to extract sensitive data including private and draft posts.
Vendor | Product | Version | CPE |
---|---|---|---|
wpdevteam | essential_addons_for_elementor_–_best_elementor_templates\,_widgets\,_kits_\&_woocommerce_builders | * | cpe:2.3:a:wpdevteam:essential_addons_for_elementor_–_best_elementor_templates\,_widgets\,_kits_\&_woocommerce_builders:*:*:*:*:*:wordpress:*:* |
[
{
"vendor": "wpdevteam",
"product": "Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders",
"versions": [
{
"version": "*",
"status": "affected",
"lessThanOrEqual": "5.9.13",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]