CVE Catalog
CVE-2026-25440
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk0.21%
12th percentile — higher than 12% of all known CVEs
Summary
Unauthenticated Broken Access Control exists in Essential Addons for Elementor versions below 6.6.0.
Risk Assessment
The organization may be exposed to unauthorized access to resources, potentially leading to data leaks or unauthorized modifications.
Recommendation
It is recommended to update the plugin to the latest version to mitigate this vulnerability.
Original NVD description (English source)
Unauthenticated Broken Access Control in Essential Addons for Elementor < 6.6.0 versions.

