Description
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.0 due to a missing capability check on the get_megamenu_content() function. This makes it possible for unauthenticated attackers to view any item created in Elementor, such as posts, pages and templates including drafts, trashed and private items.
Published: 2025-02-19
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Apply Patch
AI Analysis

Impact

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to and including 3.4.0 due to missing capability checks on the get_megamenu_content() function, a weakness classified as CWE-284 (Improper Authorization) and CWE-862 (Missing Authorization). This flaw permits anyone—without authentication—to retrieve the content of any Elementor item, including posts, pages, templates, drafts, trashed, or private items, thereby exposing confidential or unpublished data.

Affected Systems

The affected vendor is roxnor, developer of ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor. All releases up to version 3.4.0 are impacted, regardless of the WordPress installation version. Administrators should verify the installed plugin version; any deployment using 3.4.0 or earlier is vulnerable.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity, and the EPSS score of less than 1% suggests a very low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, further indicating limited known exploitation. Attackers can exploit it with unauthenticated HTTP requests to the get_megamenu_content endpoint, which does not enforce authorization checks. An attacker would receive the full HTML or JSON structures of Elementor elements, potentially revealing sensitive or unpublished data.

Generated by OpenCVE AI on April 22, 2026 at 17:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ElementsKit Elementor Addons to version 3.4.1 or later to apply the fix that adds capability checks to get_megamenu_content.
  • If an upgrade is not immediately possible, restrict access to the plugin’s REST API endpoint by configuring a rule that allows only authenticated users with the edit_posts capability (or another relevant capability) to call get_megamenu_content.
  • As a temporary measure, disable the megamenu feature or set the plugin to maintenance mode to prevent unauthenticated access to megamenu content until a patch is applied.

Advisories
Source: EUVD
ID: EUVD-2025-4703
Title: The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.0 due to a missing capability check on the get_megamenu_content() function. This makes it possible for unauthenticated attackers to view any item created in Elementor, such as posts, pages and templates including drafts, trashed and private items.

History

Tue, 25 Feb 2025 20:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Wpmet; Wpmet elementskit Elementor Addons
Weaknesses | | CWE-862
CPEs | | cpe:2.3:a:wpmet:elementskit_elementor_addons:*:*:*:*:*:wordpress:*:*
Vendors & Products | | Wpmet; Wpmet elementskit Elementor Addons

Wed, 19 Feb 2025 15:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 19 Feb 2025 11:30:00 +0000

Type | Values Removed | Values Added
Description | | The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.0 due to a missing capability check on the get_megamenu_content() function. This makes it possible for unauthenticated attackers to view any item created in Elementor, such as posts, pages and templates including drafts, trashed and private items.
Title | | ElementsKit Elementor addons <= 3.4.0 - Unauthenticated Information Exposure via get_megamenu_content Function
Weaknesses | | CWE-284
References | |
Metrics | | cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:49:04.756Z

Reserved: 2025-02-01T21:47:17.502Z

Link: CVE-2025-0968

Vulnrichment

Updated: 2025-02-19T14:37:05.777Z

NVD

Status: Analyzed

Published: 2025-02-19T12:15:31.770

Modified: 2025-02-25T20:21:17.287

Link: CVE-2025-0968

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T18:00:05Z

Weaknesses