CVE-2025-14155 Scanner
CVE-2025-14155 Scanner - Information Disclosure vulnerability in Premium Addons for Elementor
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
19 days 17 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
Premium Addons for Elementor is a plugin used with WordPress, enabling users to add advanced widgets and elements to their Elementor page builder. This plugin is popular among WordPress users for customizing websites with enhanced features. Web developers and designers frequently use it to enhance the visual and functional appeal of WordPress sites. The plugin is utilized across various industries to improve web content and user interface designs. Companies and individuals implementing WordPress for their web presence commonly integrate this plugin to expand their site's capability. Its ability to add customizable elements makes it a preferred choice for WordPress and Elementor users seeking enhanced site interactivity.
The Information Disclosure vulnerability within Premium Addons for Elementor enables unauthenticated attackers to access confidential information. Specifically, it allows unauthorized access to private, draft, and pending templates created with the Elementor page builder. This exposure results from a missing authorization check in the plugin's AJAX handler. As a result, sensitive data such as API keys, credentials, customer data, or unpublished content may be inadvertently disclosed. This type of vulnerability is critical in environments where sensitive data integrity and confidentiality are paramount. Failure to resolve this vulnerability can lead to significant data breaches and privacy violations.
The technical details of this vulnerability lie in the plugin's lack of authorization checks in its AJAX handler, specifically within the get_template_content() function. Attackers exploit it by sending requests to the AJAX handler without authentication, retrieving sensitive Elementor template information. The vulnerable endpoint is accessible through WordPress's admin-ajax.php with specific parameters to provoke this disclosure. This results in bypassing standard security measures, providing attackers with access to sensitive data. The vulnerability resides in the logic flaw presented by the unwarranted execution of the get_template_content() action. Evidence of successful exploitation is often apparent when responses contain a 'success' flag and the 'template_content' data.
If exploited, this vulnerability could result in unauthorized disclosure of sensitive data across affected systems. Attackers could leverage the exposed credentials or API keys to access and manipulate other sensitive areas of the victim's network. Customer data exposure could lead to reputational damage and potential financial losses through legal penalties and decreased customer trust. In web applications, such vulnerabilities could also provide further entry points for subsequent attack chains, such as privilege escalation or further unauthorized access. Ensuring a quick patch and update mechanism for the plugin is critical in mitigating these risks.
REFERENCES
- https://nvd.nist.gov/vuln/detail/CVE-2025-14155
- https://www.wordfence.com/threat-intel/vulnerabilities/id/135c33bb-5ec2-4697-9340-1d2651ff3a0b?source=cve
- https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/tags/4.11.53/includes/addons-integration.php#L1624
- https://plugins.trac.wordpress.org/changeset/3416254/