CVE Catalog

CVE-2026-56028

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.36%

28th percentile — higher than 28% of all known CVEs

Summary

The Easy Elements for Elementor plugin versions 1.4.9 and earlier contain a vulnerability allowing unauthenticated privilege escalation. This flaw stems from insufficient permission checks within the plugin's functionality.

Risk Assessment

An unauthenticated attacker can gain unauthorized access to administrative functions, potentially leading to full site compromise.

Recommendation

Immediately update the Easy Elements for Elementor plugin to version 1.5.0 or later, which includes a fix for this vulnerability.

Original NVD description (English source)

Unauthenticated Privilege Escalation in Easy Elements for Elementor &#8211; Addons &amp; Website Templates <= 1.4.9 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS