WordPress Plugin Vulnerabilities

Element Pack Elementor Addons < 5.6.0 - Sensitive Information Exposure via element_pack_ajax_search

Description

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.5.6 via the element_pack_ajax_search function. This makes it possible for unauthenticated attackers to extract sensitive data including password protected post details.

Affects Plugins

References

Classification

Type
SENSITIVE DATA DISCLOSURE
CWE

Miscellaneous

Original Researcher
Krzysztof Zając
Verified
No

Timeline

Publicly Published
2024-04-10 (about 2 years ago)
Added
2024-04-12 (about 2 years ago)
Last Updated
2024-04-12 (about 2 years ago)

Other