CVE-2026-2295 (GCVE-0-2026-2295)
Vulnerability from cvelistv5 – Published: 2026-02-11 09:27 – Updated: 2026-02-11 15:20
VLAI?
Title
WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more
Summary
The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajax_post_grid_load_more' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attackers to retrieve protected (draft, future, pending) post titles and excerpts that should not be accessible to unauthenticated users.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpzoom | WPZOOM Addons for Elementor – Starter Templates & Widgets |
Affected:
* , ≤ 1.3.2
(semver)
|
Credits
Craig Smith
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2295",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T15:20:23.230467Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T15:20:31.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WPZOOM Addons for Elementor \u2013 Starter Templates \u0026 Widgets",
"vendor": "wpzoom",
"versions": [
{
"lessThanOrEqual": "1.3.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WPZOOM Addons for Elementor \u2013 Starter Templates \u0026 Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u0027ajax_post_grid_load_more\u0027 function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attackers to retrieve protected (draft, future, pending) post titles and excerpts that should not be accessible to unauthenticated users."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T09:27:15.103Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b9961347-7c47-4fa1-af35-609c39a6cd8b?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wpzoom-elementor-addons/tags/1.3.1/includes/wpzoom-elementor-ajax-posts-grid.php#L66"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3458416/wpzoom-elementor-addons"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-10T20:36:46.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-02-10T21:12:39.000+00:00",
"value": "Disclosed"
}
],
"title": "WPZOOM Addons for Elementor \u2013 Starter Templates \u0026 Widgets \u003c= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-2295",
"datePublished": "2026-02-11T09:27:15.103Z",
"dateReserved": "2026-02-10T16:22:48.874Z",
"dateUpdated": "2026-02-11T15:20:31.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-2295\",\"sourceIdentifier\":\"security@wordfence.com\",\"published\":\"2026-02-11T10:15:51.357\",\"lastModified\":\"2026-02-11T15:27:26.370\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The WPZOOM Addons for Elementor \u2013 Starter Templates \u0026 Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u0027ajax_post_grid_load_more\u0027 function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attackers to retrieve protected (draft, future, pending) post titles and excerpts that should not be accessible to unauthenticated users.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@wordfence.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security@wordfence.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"references\":[{\"url\":\"https://plugins.trac.wordpress.org/browser/wpzoom-elementor-addons/tags/1.3.1/includes/wpzoom-elementor-ajax-posts-grid.php#L66\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://plugins.trac.wordpress.org/changeset/3458416/wpzoom-elementor-addons\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/b9961347-7c47-4fa1-af35-609c39a6cd8b?source=cve\",\"source\":\"security@wordfence.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-2295\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-11T15:20:23.230467Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-11T15:20:29.447Z\"}}], \"cna\": {\"title\": \"WPZOOM Addons for Elementor \\u2013 Starter Templates \u0026 Widgets \u003c= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Craig Smith\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\"}}], \"affected\": [{\"vendor\": \"wpzoom\", \"product\": \"WPZOOM Addons for Elementor \\u2013 Starter Templates \u0026 Widgets\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.3.2\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-02-10T20:36:46.000+00:00\", \"value\": \"Vendor Notified\"}, {\"lang\": \"en\", \"time\": \"2026-02-10T21:12:39.000+00:00\", \"value\": \"Disclosed\"}], \"references\": [{\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/b9961347-7c47-4fa1-af35-609c39a6cd8b?source=cve\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/wpzoom-elementor-addons/tags/1.3.1/includes/wpzoom-elementor-ajax-posts-grid.php#L66\"}, {\"url\": \"https://plugins.trac.wordpress.org/changeset/3458416/wpzoom-elementor-addons\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The WPZOOM Addons for Elementor \\u2013 Starter Templates \u0026 Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u0027ajax_post_grid_load_more\u0027 function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attackers to retrieve protected (draft, future, pending) post titles and excerpts that should not be accessible to unauthenticated users.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"shortName\": \"Wordfence\", \"dateUpdated\": \"2026-02-11T09:27:15.103Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-2295\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-11T15:20:31.931Z\", \"dateReserved\": \"2026-02-10T16:22:48.874Z\", \"assignerOrgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"datePublished\": \"2026-02-11T09:27:15.103Z\", \"assignerShortName\": \"Wordfence\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…