CVE-2026-2373 (GCVE-0-2026-2373)

Vulnerability from cvelistv5 – Published: 2026-03-17 03:36 – Updated: 2026-04-08 17:20
VLAI?
Title
Royal Addons for Elementor – Addons and Templates Kit for Elementor <= 1.7.1049 - Missing Authorization to Unauthenticated Custom Post Type Contents Exposure
Summary
The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1049 via the get_main_query_args() function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract contents of non-public custom post types, such as Contact Form 7 submissions or WooCommerce coupons.
Severity ?
5.3 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE
Assigner
References
Impacted products
Vendor Product Version
wproyal Royal Addons for Elementor – Addons and Templates Kit for Elementor Affected: 0 , ≤ 1.7.1049 (semver)
Create a notification for this product.
Credits
Quốc Huy
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2373",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-17T13:25:07.262434Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-17T13:25:15.811Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Royal Addons for Elementor \u2013 Addons and Templates Kit for Elementor",
          "vendor": "wproyal",
          "versions": [
            {
              "lessThanOrEqual": "1.7.1049",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Qu\u1ed1c Huy"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Royal Addons for Elementor \u2013 Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1049 via the get_main_query_args() function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract contents of non-public custom post types, such as Contact Form 7 submissions or WooCommerce coupons."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:20:32.228Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c4192a7f-b962-46f9-a524-7271ed6f4917?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3475656/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-11T00:00:00.000Z",
          "value": "Discovered"
        },
        {
          "lang": "en",
          "time": "2026-02-11T21:03:05.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2026-03-16T15:17:51.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Royal Addons for Elementor \u2013 Addons and Templates Kit for Elementor \u003c= 1.7.1049 - Missing Authorization to Unauthenticated Custom Post Type Contents Exposure"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2026-2373",
    "datePublished": "2026-03-17T03:36:25.155Z",
    "dateReserved": "2026-02-11T20:47:09.620Z",
    "dateUpdated": "2026-04-08T17:20:32.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-2373",
      "date": "2026-05-07",
      "epss": "0.00042",
      "percentile": "0.12647"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-2373\",\"sourceIdentifier\":\"security@wordfence.com\",\"published\":\"2026-03-17T04:16:14.730\",\"lastModified\":\"2026-04-22T21:32:08.360\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Royal Addons for Elementor \u2013 Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1049 via the get_main_query_args() function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract contents of non-public custom post types, such as Contact Form 7 submissions or WooCommerce coupons.\"},{\"lang\":\"es\",\"value\":\"El plugin Royal Addons for Elementor \u2013 Addons and Templates Kit for Elementor para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 1.7.1049, inclusive, a trav\u00e9s de la funci\u00f3n get_main_query_args() debido a restricciones insuficientes sobre qu\u00e9 publicaciones pueden incluirse. Esto hace posible que atacantes no autenticados extraigan el contenido de tipos de publicaciones personalizadas no p\u00fablicas, como env\u00edos de Contact Form 7 o cupones de WooCommerce.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@wordfence.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security@wordfence.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]}],\"references\":[{\"url\":\"https://plugins.trac.wordpress.org/changeset/3475656/\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/c4192a7f-b962-46f9-a524-7271ed6f4917?source=cve\",\"source\":\"security@wordfence.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-2373\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-17T13:25:07.262434Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-17T13:25:12.267Z\"}}], \"cna\": {\"title\": \"Royal Addons for Elementor \\u2013 Addons and Templates Kit for Elementor \u003c= 1.7.1049 - Missing Authorization to Unauthenticated Custom Post Type Contents Exposure\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Qu\\u1ed1c Huy\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\"}}], \"affected\": [{\"vendor\": \"wproyal\", \"product\": \"Royal Addons for Elementor \\u2013 Addons and Templates Kit for Elementor\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.7.1049\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-02-11T00:00:00.000Z\", \"value\": \"Discovered\"}, {\"lang\": \"en\", \"time\": \"2026-02-11T21:03:05.000Z\", \"value\": \"Vendor Notified\"}, {\"lang\": \"en\", \"time\": \"2026-03-16T15:17:51.000Z\", \"value\": \"Disclosed\"}], \"references\": [{\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/c4192a7f-b962-46f9-a524-7271ed6f4917?source=cve\"}, {\"url\": \"https://plugins.trac.wordpress.org/changeset/3475656/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Royal Addons for Elementor \\u2013 Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1049 via the get_main_query_args() function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract contents of non-public custom post types, such as Contact Form 7 submissions or WooCommerce coupons.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-862\", \"description\": \"CWE-862 Missing Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"shortName\": \"Wordfence\", \"dateUpdated\": \"2026-03-17T03:36:25.155Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-2373\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-17T13:25:15.811Z\", \"dateReserved\": \"2026-02-11T20:47:09.620Z\", \"assignerOrgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"datePublished\": \"2026-03-17T03:36:25.155Z\", \"assignerShortName\": \"Wordfence\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.