PT-2026-23405 · WordPress · Royal Elementor Addons

Mcdruid

Published

2026-03-05

Updated

2026-04-06

CVE-2026-28135

CVSS v3.1

8.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

Name of the Vulnerable Software and Affected Versions WP Royal Royal Elementor Addons versions through 1.7.1049

Description The software contains a flaw related to the inclusion of functionality from an untrusted control sphere, potentially allowing access to functionality not properly constrained by access control lists (ACLs).

Recommendations Update WP Royal Royal Elementor Addons to a version later than 1.7.1049.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-829

Related Identifiers

CVE-2026-28135

Affected Products

Royal Elementor Addons

PT-2026-23405 · WordPress · Royal Elementor Addons

CVE-2026-28135

Weakness Enumeration

Related Identifiers

Affected Products

References · 4