CVE-2026-57619 PUBLISHED

Contributor Sensitive Data Exposure in Elementor Website Builder <= 4.1.3 versions.

Update the WordPress Elementor Website Builder Plugin to the latest available version (at least 4.1.4).

• Steven Julian | Patchstack Bug Bounty Program finder

• https://patchstack.com/database/wordpress/plugin/elementor/vulnerability/wordpress-elementor-website-builder-plugin-4-1-3-sensitive-data-exposure-vulnerability?_s_id=cve

• CWE-862 Missing Authorization CWE

• CAPEC-37 Retrieve Embedded Sensitive Data