cleantalk
Vulnerabilities and Security Researches

Piotnet Addons For Elementor, CVE-2024-5614

CVE, Research URL

CVE-2024-5614

Home page URL

Security reports for Piotnet Addons For Elementor

Application

Piotnet Addons For Elementor

Published on
Jul 27, 2024
Research Description
The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.29 via the 'pafe_posts_list' function. This makes it possible for unauthenticated attackers to extract sensitive data including titles and excerpts of future, draft, and pending blog posts.
Affected versions
Min -, max 2.4.30.
Status
vulnerable
Previous vulnerability researches
Piotnet Addons For Elementor (CVE-2024-5614) , Jul 28, 2024
Piotnet Addons For Elementor (CVE-2024-5502) , Aug 24, 2024
Piotnet Addons For Elementor (CVE-2024-9673) , Jan 08, 2025
Piotnet Addons For Elementor (CVE-2024-4262) , Jun 07, 2024
Piotnet Addons For Elementor (CVE-2024-29934) , Jun 07, 2024
New vulnerability
Sign-up Sheets (CVE-2025-26996) , Apr 17, 2025
Cart66 Cloud :: WordPress Ecommerce The Easy Way (CVE-2025-32653) , Apr 17, 2025
C9 Blocks (CVE-2025-26951) , Apr 17, 2025
Widget for Social Page Feeds (CVE-2024-13207) , Apr 17, 2025
WP User Profiles (CVE-2025-31524) , Apr 17, 2025