cleantalk
Vulnerabilities and Security Researches

Royal Elementor Addons and Templates, CVE-2026-28135

CVE, Research URL

CVE-2026-28135

Home page URL

Security reports for Royal Elementor Addons and Templates

Application

Royal Elementor Addons and Templates

Published on
Mar 05, 2026
Research Description
Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1049.
Affected versions
max 1.7.1049.
Status
vulnerable
Previous vulnerability researches
Admin SMS Alert (CVE-2024-51637) , Nov 05, 2024
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2024-11725) , Jan 08, 2025
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2026-32373) , Mar 29, 2026
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2025-66086) , Dec 10, 2025
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2025-3878) , May 11, 2025
New vulnerability
SMTP Mailer (CVE-2026-32538) , Mar 29, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2026-25362) , Mar 29, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2026-25363) , Mar 29, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2025-15524) , Mar 29, 2026
Photo Gallery by 10Web &#8211; Mobile-Friendly Image Gallery (CVE-2026-27360) , Mar 29, 2026