Primary

Context

Responsive Addons for Elementor Sensitive Information Exposure Vulnerability

Vulnerability

Patched

A vulnerability allowing sensitive information exposure has been identified in the Responsive Addons for Elementor - Free Elementor Addons Plugin and Elementor Templates for WordPress. This issue affects all versions through 1.6.8, specifically within the 'register_user' function. The vulnerability allows authenticated attackers with Contributor-level access and above to extract sensitive data, including usernames and passwords, from users who register using the Edit Login | Registration Form widget, provided that the registered user opens the email notification confirming their registration.

Impact

Exploitation of this vulnerability allows for the unauthorized extraction of sensitive information, specifically usernames and passwords, from users who register through the affected plugin's registration form.

Remediation

Users can update to version 1.6.9 or a newer patched version to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

6.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

6.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Responsive Addons for Elementor Sensitive Information Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Responsive Addons for Elementor

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating