Vulnerabilities > CVE-2024-10312 - Unspecified vulnerability in Exclusiveaddons Exclusive Addons for Elementor

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
exclusiveaddons
NVD
Published: 2024-10-29
Updated: 2025-01-24

Summary

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.4 via the render function in elements/tabs/tabs.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.

Vulnerable Configurations

Part Description Count
Application
Exclusiveaddons
98

References