Unrated severityNVD Advisory· Published Oct 29, 2024· Updated Apr 8, 2026

Exclusive Addons for Elementor <= 2.7.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates

CVE-2024-10312

Description

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.4 via the render function in elements/tabs/tabs.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.

Affected products

Exclusiveaddons/Exclusive Addons For Elementorllm-fuzzy
Range: <= 2.7.4
timstrifler/Exclusive Addons for Elementorv5
Range: 0
WordPress/Exclusive Addons For Elementorwp-canonicalize
Package: https://wordpress.org/plugins/exclusive-addons-for-elementor

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000