CVE-2026-7665 - Vulnerability Details

- Essential Addons for Elementor <= 6.6.4 - Missing Authorization to Unauthenticated Information Exposure via 'load_more' AJAX Handler

Description

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.6.4 via the ajax_load_more function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to.

Published: 2026-06-06

Score: 5.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The perk of the vulnerability lies in an insecure AJAX handler that can return posts regardless of their status. The missing authorization check makes it possible for anyone to retrieve data from password‑protected, private or draft posts that they should not have access to. As a result, the confidentiality of posts uploaded through the plugin is compromised without requiring any user credentials. The weakness is mapped to CWE‑639: Authorization Bypass Through Privileged Clear-Text Log.

Affected Systems

This vulnerability affects the Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress provided by wpdevteam. All released versions up to and including 6.6.4 are impacted, including the 6.5.x and 6.6.x branches referenced in the vendor release notes.

Risk and Exploitability

The CVSS score for the issue is 5.3, indicating a medium impact level. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. The attack vector appears to be unauthenticated access to the "load_more" AJAX endpoint. Any visitor to the site can trigger the action and receive sensitive post content, making the risk moderate for sites that store sensitive information and have the plugin installed.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

wpdevteam

Essential Addons for Elementor – Popular Elementor Templates & Widgets

unaffected

Version	Status	Constraints
`0`	affected	≤ 6.6.4

No data.

Vendor Product Confidence Versions

Wordpress

80%

Version	Status	Scheme	Platform
`—`	unaffected	—	—

Wpdevteam

Essential Addons For Elementor – Popular Elementor Templates & Widgets

100%

Version	Status	Scheme	Platform
`[0,6.6.4]`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the Essential Addons for Elementor plugin to the latest available version that removes the missing authorization check on the AJAX handler.
If an immediate patch cannot be applied, block unauthenticated access to the "load_more" AJAX action using a security plugin or custom code that checks user capability before executing the handler.
If the plugin cannot be temporarily secured, consider deactivating or uninstalling it until a patched version is released.

Generated by OpenCVE AI on June 6, 2026 at 04:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00055.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.5.13/includes/Traits/Ajax_Handler.php#L106
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.5.13/includes/Traits/Ajax_Handler.php#L1601
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.5.13/includes/Traits/Ajax_Handler.php#L197
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.5.13/includes/Traits/Ajax_Handler.php#L292
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.6.3/includes/Traits/Ajax_Handler.php#L106
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.6.3/includes/Traits/Ajax_Handler.php#L1601
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.6.3/includes/Traits/Ajax_Handler.php#L197
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.6.3/includes/Traits/Ajax_Handler.php#L292
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Traits/Ajax_Handler.php#L106
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Traits/Ajax_Handler.php#L1601
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Traits/Ajax_Handler.php#L197
https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Traits/Ajax_Handler.php#L292
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3541534%40essential-addons-for-elementor-lite&new=3541534%40essential-addons-for-elementor-lite&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/861ece65-bee7-4124-b1a8-de9fb0c1cbc7?source=cve

History

Sat, 06 Jun 2026 12:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Sat, 06 Jun 2026 04:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Wordpress Wordpress wordpress Wpdevteam Wpdevteam essential Addons For Elementor – Popular Elementor Templates & Widgets
Vendors & Products		Wordpress Wordpress wordpress Wpdevteam Wpdevteam essential Addons For Elementor – Popular Elementor Templates & Widgets

Sat, 06 Jun 2026 03:30:00 +0000

Type	Values Removed	Values Added
Description		The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.6.4 via the ajax_load_more function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to.
Title		Essential Addons for Elementor <= 6.6.4 - Missing Authorization to Unauthenticated Information Exposure via 'load_more' AJAX Handler
Weaknesses		CWE-639
References		https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.5.13/includes/Traits/Ajax_Handler.php#L106 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.5.13/includes/Traits/Ajax_Handler.php#L1601 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.5.13/includes/Traits/Ajax_Handler.php#L197 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.5.13/includes/Traits/Ajax_Handler.php#L292 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.6.3/includes/Traits/Ajax_Handler.php#L106 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.6.3/includes/Traits/Ajax_Handler.php#L1601 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.6.3/includes/Traits/Ajax_Handler.php#L197 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.6.3/includes/Traits/Ajax_Handler.php#L292 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Traits/Ajax_Handler.php#L106 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Traits/Ajax_Handler.php#L1601 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Traits/Ajax_Handler.php#L197 https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Traits/Ajax_Handler.php#L292 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3541534%40essential-addons-for-elementor-lite&new=3541534%40essential-addons-for-elementor-lite&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/861ece65-bee7-4124-b1a8-de9fb0c1cbc7?source=cve
Metrics		cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}`

Subscriptions

Wordpress Wordpress

Wpdevteam Essential Addons For Elementor – Popular Elementor Templates & Widgets

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2026-06-06T02:28:36.091Z

Updated: 2026-06-06T11:47:54.832Z

Reserved: 2026-05-01T19:49:55.131Z

Link: CVE-2026-7665

Vulnrichment

Updated: 2026-06-06T11:47:49.778Z

NVD

Status : Received

Published: 2026-06-06T04:17:40.400

Modified: 2026-06-06T04:17:40.400

Link: CVE-2026-7665

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-06T04:30:12Z

Weaknesses

CWE-639

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object