Report
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.109 due to missing restrictions on the getPostDataByObj() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to view password protected posts.
Score:4.3
Severity:Medium
Version: 1.5.109
There is a patch available in v1.5.110 and we strongly recommend you update to this version as soon as possible.
