CVE Catalog
CVE-2026-56028
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.36%
28th percentile — higher than 28% of all known CVEs
Summary
The Easy Elements for Elementor plugin versions 1.4.9 and earlier contain a vulnerability allowing unauthenticated privilege escalation. This flaw stems from insufficient permission checks within the plugin's functionality.
Risk Assessment
An unauthenticated attacker can gain unauthorized access to administrative functions, potentially leading to full site compromise.
Recommendation
Immediately update the Easy Elements for Elementor plugin to version 1.5.0 or later, which includes a fix for this vulnerability.
Original NVD description (English source)
Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website Templates <= 1.4.9 versions.

