WordPress Plugin Vulnerabilities

Primary Addon for Elementor < 1.6.3 - Authenticated (Contributor+) Post Disclosure

Description

The Primary Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.2 via the [prim_elementor_template] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created with Elementor that they should not have access to.

Affects Plugins

Plugin icon
primary-addon-for-elementor
Fixed in 1.6.3

References

CVE
CVE-2024-10670
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/636bd8ce-4737-4117-9581-42c7dcb3ad22

Classification

Type
IDOR
OWASP top 10
A5: Broken Access Control
CWE
CWE-639
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Francesco Carlucci
Verified
No
WPVDB ID
96938354-9ff2-4e0d-aab3-2e0bf97407a9

Timeline

Publicly Published
2024-11-27 (about 1 year ago)
Added
2024-11-27 (about 1 year ago)
Last Updated
2024-11-28 (about 1 year ago)

Other

Published
Title
Published
2026-02-11
Title
Cnvrse < 026.02.10.20 - Unauthenticated Insecure Direct Object Reference
Published
2025-08-15
Title
School Management <= 93.1.0 - Unauthenticated Insecure Direct Object Reference
Published
2025-04-07
Title
Streamit < 4.0.3 - Authenticated (Subscriber+) Privilege Escalation via User Email Change/Account Takeover
Published
2025-03-24
Title
User Registration & Membership (Free < 4.1.2, Pro < 5.1.2) - Unauthenticated Privilege Escalation
Published
2025-10-24
Title
Tutor LMS Pro < 3.9.0 - Subscriber+ Other Assignments Access/Edit via IDOR