Unrated severityNVD Advisory· Published Sep 24, 2024· Updated Apr 8, 2026

Happy Addons for Elementor <= 3.12.2 - Authenticated (Contributor+) Sensitive Information Exposure

CVE-2024-8801

Description

The Happy Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.12.2 via the Content Switcher widget. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including private, draft, and pending Elementor templates.

Affected products

Thehappymonster/Happy Addons For Elementorv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

plugins.trac.wordpress.org/browser/happy-elementor-addons/trunk/widgets/content-switcher/widget.phpmitre
plugins.trac.wordpress.org/changeset/3154460/mitre
www.wordfence.com/threat-intel/vulnerabilities/id/9f1078b8-f458-46a6-9982-e8d2d1d1b73bmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000