CVE-2025-14155

MEDIUM
2025-12-23 [email protected]
5.3
CVSS 3.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None

Lifecycle Timeline

CVE Published: Dec 23, 2025 - 10:15 (nvd)
Patch Released: Apr 08, 2026 - 17:22 (nvd), patch available
Analysis Generated: Apr 08, 2026 - 17:22 (vuln.today)

Description

The Premium Addons for Elementor - Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_template_content' function in all versions up to, and including, 4.11.53. This makes it possible for unauthenticated attackers to view the content of private, draft, and pending templates.

Analysis

Unauthenticated attackers can retrieve the content of private, draft, and pending templates from the Premium Addons for Elementor plugin for WordPress (all versions up to and including 4.11.53) because the 'get_template_content' function performs no capability check before returning template data. This is a missing-authorization flaw (CWE-862) rather than an authentication bypass: the handler is reachable without credentials and never verifies that the caller is permitted to read the requested template. Exploitation requires no privileges and no user interaction, and the impact is limited to disclosure of unpublished template content, which is why the CVSS 3.1 score is a moderate 5.3 (C:L/I:N/A:N). A vendor patch is available.

Technical Context

Premium Addons for Elementor is a WordPress plugin that adds widgets and a template library to the Elementor page builder. The flaw is CWE-862 (Missing Authorization): the AJAX handler that serves template content through the 'get_template_content' function (reported in addons-integration.php at lines 90 and 1624) runs without first calling a capability check such as current_user_can(), which is WordPress's standard authorization mechanism for gating sensitive operations. Because the action is reachable by unauthenticated clients, anyone who can reach the site over the network can send a crafted HTTP request to WordPress's AJAX entry point (admin-ajax.php) and have the function return templates whose post status (private, draft, pending) should restrict them to authorized users; WordPress's role and capability model is never consulted. The CPE identifier (cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*) covers all versions of the plugin up to and including 4.11.53.
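The pattern described above, shown as an added illustration that is not Premium Addons' own code: a hypothetical template-content AJAX handler (the acme_* function names and the 'acme_get_template_content' action are assumptions) first in the vulnerable form, where the action is also registered for logged-out users and the callback never checks who is asking, and then hardened with a nonce check and a per-post capability check. Note that a nonce alone would not close a CWE-862 hole, since nonces are CSRF tokens, not authorization; the current_user_can() call is what actually enforces the role and capability model.

```php
<?php
/*
 * Added illustration, not the plugin's code. All names below
 * (acme_*, the acme_get_template_content action, the nonce action
 * string) are hypothetical.
 */

/* ---------- VULNERABLE PATTERN ----------
 * Registered for logged-in AND logged-out callers (wp_ajax_nopriv_*),
 * and the callback returns any post it can load, regardless of
 * post_status, without asking whether the caller may read it.
 */
add_action( 'wp_ajax_acme_get_template_content', 'acme_get_template_content_vuln' );
add_action( 'wp_ajax_nopriv_acme_get_template_content', 'acme_get_template_content_vuln' );

function acme_get_template_content_vuln() {
    $template_id = isset( $_POST['template_id'] ) ? absint( $_POST['template_id'] ) : 0;
    $post        = get_post( $template_id );

    if ( ! $post ) {
        wp_send_json_error( 'not found', 404 );
    }

    // Missing authorization (CWE-862): private, draft and pending
    // templates are returned to anyone who supplies their ID.
    wp_send_json_success( array( 'content' => $post->post_content ) );
}

/* ---------- HARDENED PATTERN ----------
 * 1. Only the authenticated hook is registered; there is no nopriv variant.
 * 2. check_ajax_referer() rejects requests without a valid nonce (CSRF).
 * 3. current_user_can( 'read_post', $id ) is the authorization check.
 *    WordPress maps this meta capability through map_meta_cap(): public
 *    posts need only 'read', private ones 'read_private_posts', and
 *    drafts/pending posts of another author fall back to 'edit_post',
 *    so a subscriber or anonymous caller cannot pull unpublished content.
 */
add_action( 'wp_ajax_acme_get_template_content_fixed', 'acme_get_template_content_fixed' );

function acme_get_template_content_fixed() {
    // Nonce check: blocks cross-site request forgery, nothing more.
    check_ajax_referer( 'acme_template_nonce', 'nonce' );

    $template_id = isset( $_POST['template_id'] ) ? absint( $_POST['template_id'] ) : 0;

    // Capability check: this is the line whose absence the CVE describes.
    if ( ! $template_id || ! current_user_can( 'read_post', $template_id ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    $post = get_post( $template_id );
    if ( ! $post ) {
        wp_send_json_error( 'not found', 404 );
    }

    wp_send_json_success( array( 'content' => $post->post_content ) );
}
```

When auditing a plugin for this bug class, search for every `wp_ajax_nopriv_` registration and every `wp_ajax_` callback whose body contains neither current_user_can() nor an equivalent per-object check; a `wp_ajax_`-only registration still lets any subscriber-level account invoke the handler, so the capability check is required even after the nopriv hook is removed.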

Affected Products

Premium Addons for Elementor (by Leap13), all versions up to and including 4.11.53, on any WordPress installation. The CPE entry (cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*) identifies the product as a WordPress plugin. The referenced WordPress plugin repository records cover versions up to 4.11.53, and the advisory is tracked by Wordfence under ID 135c33bb-5ec2-4697-9340-1d2651ff3a0b.

Remediation

Update Premium Addons for Elementor to a patched release newer than 4.11.53; the vendor changeset in the WordPress plugin repository (changeset/3416254/) carries the upstream fix. Administrators can apply it from the WordPress plugin management screen by checking for available updates and installing the latest version. If patching must wait, either deactivate the plugin or block unauthenticated requests for the affected AJAX action at a web application firewall or in .htaccess. Do not block admin-ajax.php wholesale: many front-end features, including the plugin's own, depend on it, so scope the rule to the specific action named in the vendor and Wordfence advisories and apply it only to requests that carry no WordPress login cookie. The Wordfence advisory (https://www.wordfence.com/threat-intel/vulnerabilities/id/135c33bb-5ec2-4697-9340-1d2651ff3a0b) and CleanTalk's write-up (https://research.cleantalk.org/cve-2025-14155/) provide further detail and may include detection signatures for vulnerable installations.

Priority Score

26 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.7
CVSS: +26
POC: 0
