Elementor Addon Elements <= 1.13.8 - Authenticated (Contributor+) Sensitive Information Exposure via table_saved_sections

Vulnerability

The vulnerability exists in the Elementor Addon Elements plugin for WordPress in versions up to and including 1.13.8. It is located in the render_column function in modules/data-table/widgets/data-table.php. This function does not properly restrict access to template data, leading to sensitive information exposure. [1]

Exploitation

An attacker must have authenticated access with at least Contributor-level privileges. The attacker can exploit this by interacting with the data-table widget, which incorrectly renders private, pending, and draft template data. No further user interaction is required. [1]

Impact

Successful exploitation allows an authenticated attacker to extract sensitive information such as private, pending, and draft template data. This can lead to disclosure of confidential content that should not be visible to lower-privileged users. The confidentiality of the system is compromised. [1]

Mitigation

The plugin vendor has released version 1.14.5 which addresses this vulnerability. Users are advised to update to the latest version. For those who cannot update, consider restricting Contributor-level access or disabling the data-table widget until patched. [1]