cleantalk
Vulnerabilities and Security Researches

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders, CVE-2024-3733

CVE, Research URL

CVE-2024-3733

Home page URL

Security reports for Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders

Application

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders

Published on
Apr 25, 2024
Research Description
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajax_load_more() , eael_woo_pagination_product_ajax(), and ajax_eael_product_gallery() functions. This makes it possible for unauthenticated attackers to extract posts that may be in private or draft status.
Affected versions
Min -, max 5.9.16.
Status
vulnerable
Previous vulnerability researches
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2024-39649) , Aug 07, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2024-7092) , Aug 13, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2022-0683) , Jun 07, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2024-1236) , Jun 07, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2021-24255) , Jun 07, 2024
New vulnerability
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025
AdminQuickbar (CVE-2025-39464) , Apr 20, 2025