Powerpack Pro For Elementor
Monthly
Authentication bypass in the PowerPack Pro for Elementor WordPress plugin (versions prior to 2.13.0) allows remote attackers to subvert authentication controls and gain unauthorized access with high impact to confidentiality, integrity, and availability. The flaw, reported by Patchstack and tracked as CVE-2026-42629, is classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel) and requires user interaction per the CVSS vector. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.
Authentication bypass in the PowerPack Pro for Elementor WordPress plugin (versions prior to 2.13.0) allows remote attackers to subvert authentication controls and gain unauthorized access with high impact to confidentiality, integrity, and availability. The flaw, reported by Patchstack and tracked as CVE-2026-42629, is classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel) and requires user interaction per the CVSS vector. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.