ByteOS Network

CVE Vulnerability Details :

CVE-2026-25436

PUBLISHED

More Info Official Page

Assigner-Patchstack

Assigner Org ID-21595511-bba5-4825-b968-b78d1f9984a3

Published At-07 May, 2026 | 07:34

Updated At-07 May, 2026 | 07:34

▼CVE Numbering Authority (CNA)

WordPress Royal Elementor Addons plugin < 1.7.1053 - Broken Access Control vulnerability

Missing Authorization vulnerability in WProyal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal Elementor Addons: from n/a before 1.7.1053.

Affected Products

Vendor

Royal Elementor Addons

Product

Royal Elementor Addons

Collection URL

https://wordpress.org/plugins

Package Name

royal-elementor-addons

Default Status

unaffected

Versions

Affected

From n/a before 1.7.1053 (custom)
- -> unaffectedfrom1.7.1053

Problem Types

Type	CWE ID	Description
CWE	CWE-862	CWE-862 Missing Authorization

Type: CWE

CWE ID: CWE-862

Description: CWE-862 Missing Authorization

Metrics

Version	Base score	Base severity	Vector
3.1	5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Version: 3.1

Base score: 5.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Impacts

CAPEC ID	Description
CAPEC-180	CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels

CAPEC ID: CAPEC-180

Description: CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels

Solutions

Update the WordPress Royal Elementor Addons Plugin to the latest available version (at least 1.7.1053).

Credits

finder

Bao - BlueRock | Patchstack Bug Bounty Program

References

Hyperlink	Resource
https://patchstack.com/database/wordpress/plugin/royal-elementor-addons/vulnerability/wordpress-royal-elementor-addons-plugin-1-7-1053-broken-access-control-vulnerability?_s_id=cve	vdb-entry

Hyperlink: https://patchstack.com/database/wordpress/plugin/royal-elementor-addons/vulnerability/wordpress-royal-elementor-addons-plugin-1-7-1053-broken-access-control-vulnerability?_s_id=cve

Resource:

vdb-entry

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References