cleantalk
Vulnerabilities and Security Researches

Ultimate Bootstrap Elements for Elementor, CVE-2024-10329

CVE, Research URL

CVE-2024-10329

Home page URL

Security reports for Ultimate Bootstrap Elements for Elementor

Application

Ultimate Bootstrap Elements for Elementor

Published on
Nov 05, 2024
Research Description
The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ube_get_page_templates' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the contents of templates that are private.
Affected versions
Min -, max 1.4.7.
Status
vulnerable
Previous vulnerability researches
Ultimate Bootstrap Elements for Elementor (CVE-2024-1398) , Jun 07, 2024
Ultimate Bootstrap Elements for Elementor (CVE-2025-32672) , Apr 13, 2025
Ultimate Bootstrap Elements for Elementor (CVE-2024-10329) , Nov 06, 2024
Ultimate Bootstrap Elements for Elementor (CVE-2024-37462) , Jul 05, 2024
Ultimate Bootstrap Elements for Elementor (CVE-2024-43140) , Aug 12, 2024
New vulnerability
Advance WP Query Search Filter (CVE-2025-26743) , Apr 15, 2025
SKT Skill Bar (CVE-2025-26880) , Apr 15, 2025
WP Featured Screenshot (CVE-2025-32557) , Apr 15, 2025
Additional Custom Product Tabs for WooCommerce (CVE-2025-26749) , Apr 15, 2025
Autoptimize , Apr 15, 2025