cleantalk
Vulnerabilities and Security Researches

Royal Elementor Addons and Templates, CVE-2026-6229

CVE, Research URL

CVE-2026-6229

Home page URL

Security reports for Royal Elementor Addons and Templates

Application

Royal Elementor Addons and Templates

Published on
May 02, 2026
Research Description
The Royal Elementor Addons plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.7.1057. This is due to insufficient validation of user-supplied URLs in the render_csv_data() function, which can be bypassed by including 'docs.google.com/spreadsheets' in a query parameter, and the subsequent use of these URLs in fopen() calls without blocking internal or private network addresses. This makes it possible for authenticated attackers, with Contributor-level access and above, to make requests to arbitrary URLs and retrieve sensitive information from internal services.
Affected versions
max 1.7.1058.
Status
vulnerable
Previous vulnerability researches
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
OOPSpam Anti-Spam (CVE-2025-12094) , Nov 10, 2025
OOPSpam Anti-Spam (2abea83e21a0323c5a51444c6b7c720291723c81) , Jun 07, 2024
OOPSpam Anti-Spam (CVE-2023-22716) , Jun 07, 2024
OOPSpam Anti-Spam (CVE-2023-35913) , Jun 07, 2024
New vulnerability
Music Player for Elementor – Audio Player & Podcast Player (CVE-2024-13362) , May 02, 2026
Remove Add to Cart WooCommerce (CVE-2024-13362) , May 02, 2026
EazyDocs – Most Powerful Knowledge base, wiki, Documentation Builder Plugin (easy docs, knowledgebase) (CVE-2024-13362) , May 02, 2026
Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit (CVE-2026-39450) , May 02, 2026
Pay For Post with WooCommerce (CVE-2024-13362) , May 02, 2026