CVE-2026-23543 PUBLISHED

WordPress Essential Addons for Elementor plugin <= 6.5.5 - Broken Access Control vulnerability

Assigner: Patchstack
Reserved: 14.01.2026 Published: 19.02.2026 Updated: 19.02.2026

Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through <= 6.5.5.

Product Status

Vendor WPDeveloper
Product Essential Addons for Elementor
Versions Default: unaffected
  • affected from n/a to <= 6.5.5 (incl.)

Credits

  • Bonds | Patchstack Bug Bounty Program finder

References

Problem Types

  • Missing Authorization CWE

Impacts

  • Exploiting Incorrectly Configured Access Control Security Levels