WordPress Plugin Vulnerabilities

ElementsKit Elementor addons < 3.4.1 - Unauthenticated Information Exposure

Description

The plugin is vulnerable to Sensitive Information Exposure due to a missing capability checks on the get_megamenu_content() function. This makes it possible for unauthenticated attackers to view any item created in Elementor, such as posts, pages and templates including drafts, trashed and private items.

Affects Plugins

Plugin icon
elementskit-lite
Fixed in 3.4.1

References

CVE
CVE-2025-0968
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/432ac3b1-8f1d-442f-8e8d-62a1f26ba259

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
5.3 (medium)

Miscellaneous

Original Researcher
stealthcopter
Verified
No
WPVDB ID
d21c9a9b-752d-4f61-82bb-84cfff59d46b

Timeline

Publicly Published
2025-02-18 (about 1 year ago)
Added
2025-02-20 (about 1 year ago)
Last Updated
2025-02-20 (about 1 year ago)

Other

Published
Title
Published
2021-07-07
Title
WP Upload Restriction < 2.2.5 - Missing Access Control in getSelectedMimeTypesByRole
Published
2021-08-30
Title
Countdown Block < 1.1.2 - Missing Authorisation in AJAX action
Published
2021-11-15
Title
User Meta Shortcodes <= 0.5 - Contributor+ Unauthorized Arbitrary User Metadata Access
Published
2020-09-05
Title
NextScripts: Social Networks Auto-Poster < 4.3.18 - Insufficient Privilege Validation
Published
2024-02-16
Title
Paid Memberships Pro < 2.12.9 - Contributor+ Arbitrary User Custom Field Disclosure