Description

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.5.6 via the element_pack_ajax_search function. This makes it possible for unauthenticated attackers to extract sensitive data including password protected post details.

INFO

Published Date :

2024-04-11T07:31:36.278Z

Last Modified :

2026-04-08T16:46:49.907Z

Source :

Wordfence
AFFECTED PRODUCTS

The following products are affected by CVE-2024-2966 vulnerability.

Vendors Products
Bdthemes
  • Element Pack
REFERENCES

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact