CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

46 matches found

Premium Addons for Elementor - Unauthenticated Information Disclosure

Premium Addons for Elementor plugin for WordPress version 4.11.53 and below contains an unauthenticated information disclosure vulnerability.The vulnerability exists due to a missing authorization check in the gettemplatecontent AJAX handler, allowing unauthenticated attackers to retrieve private...

5.3CVSS5.2AI score0.00715EPSS

Exploits0References4

EUVD•added 2026/03/26 6:30 a.m.•1 views

EUVD-2026-16116

The Elementor Website Builder plugin for WordPress is vulnerable to Incorrect Authorization to Sensitive Information Exposure in all versions up to, and including, 3.35.7. This is due to a logic error in the isallowedtoreadtemplate function permission check that treats non-published templates as...

4.3CVSS5.8AI score0.0025EPSS

Exploits0References3

NVD•added 2026/03/26 6:16 a.m.•5 views

CVE-2026-1206

4.3CVSS0.0025EPSS

Exploits0References2

Cvelist•added 2026/03/26 5:29 a.m.•33 views

CVE-2026-1206 Elementor Website Builder <= 3.35.7 - Incorrect Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template

4.3CVSS0.0025EPSS

Exploits0References2

CVE•added 2026/03/26 5:29 a.m.•20 views

CVE-2026-1206

The CVE-2026-1206 entry concerns the Elementor Website Builder plugin for WordPress. Affected versions are all up to and including 3.35.7. The vulnerability arises from a logic error in is_allowed_to_read_template() that mishandles the permission check for template access, causing non-published t...

4.3CVSS5.8AI score0.0025EPSS

Exploits0References2

ATTACKERKB•added 2026/03/26 5:29 a.m.•2 views

CVE-2026-1206

4.3CVSS5.8AI score0.0025EPSS

Exploits0References3

Vulnrichment•added 2026/03/26 5:29 a.m.•4 views

CVE-2026-1206 Elementor Website Builder <= 3.35.7 - Incorrect Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template

4.3CVSS5.8AI score0.0025EPSS

Exploits0References2

Positive Technologies•added 2026/03/26 12:0 a.m.•2 views

PT-2026-28209

The Elementor Website Builder plugin for WordPress is vulnerable to Incorrect Authorization to Sensitive Information Exposure in all versions up to, and including, 3.35.7. This is due to a logic error in the is allowed to read template function permission check that treats non-published templates...

4.3CVSS5.8AI score0.0025EPSS

Exploits0References3

VulnCheck KEV•added 2026/02/23 12:0 a.m.•6 views

VulnCheck KEV: CVE-2025-14155

The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gettemplatecontent' function in all versions up to, and including, 4.11.53. This makes it possible for...

5.3CVSS5.8AI score0.00715EPSS

In wildExploits0References2

RedhatCVE•added 2025/12/24 9:39 a.m.•5 views

CVE-2025-14155

5.3CVSS5.3AI score0.00715EPSS

Exploits0References1

EUVD•added 2025/12/23 12:30 p.m.•3 views

EUVD-2025-204785

5.3CVSS4.8AI score0.00715EPSS

Exploits0References5

OSV•added 2025/12/23 10:15 a.m.•1 views

CVE-2025-14155

5.3CVSS5.8AI score0.00715EPSS

Exploits0References4

NVD•added 2025/12/23 10:15 a.m.•3 views

CVE-2025-14155

5.3CVSS0.00715EPSS

Exploits0References5

Cvelist•added 2025/12/23 9:19 a.m.•21 views

CVE-2025-14155 Premium Addons for Elementor <= 4.11.53 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'get_template_content'

5.3CVSS0.00715EPSS

Exploits0References5

Vulnrichment•added 2025/12/23 9:19 a.m.•2 views

CVE-2025-14155 Premium Addons for Elementor <= 4.11.53 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'get_template_content'

5.3CVSS4.9AI score0.00715EPSS

Exploits0References5

Positive Technologies•added 2025/12/23 12:0 a.m.•2 views

PT-2025-52731

Name of the Vulnerable Software and Affected Versions Premium Addons for Elementor versions prior to 4.11.54 Description The Premium Addons for Elementor plugin for WordPress has a flaw that allows unauthorized access to data. A missing capability check on the get template content function allows...

5.3CVSS6.4AI score0.00715EPSS

Exploits0References10

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-49989

Malicious code in bioql PyPI...

4.3CVSS6.3AI score0.0039EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 8:21 a.m.•2 views

CVE-2024-10365

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.3 via the render function in modules/widgets/tpcarouselanything.php,...

4.3CVSS5.7AI score0.00336EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:20 a.m.•3 views

CVE-2024-10329

The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ubegetpagetemplates' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

4.3CVSS5.8AI score0.00403EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:17 a.m.•4 views

CVE-2024-10357

The Clever Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.1 via the getTemplateContent function in src/widgets/class-clever-widget-base.php. This makes it possible for authenticated attackers, with...

4.3CVSS5.8AI score0.00419EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by