CVE-2026-49053 is a Missing Authorization vulnerability in the ElementsKit Elementor addons Lite WordPress plugin, affecting versions up to and including 3.9.6. The vulnerability allows exploitation of incorrectly configured access control security levels, potentially enabling unauthorized access to functionality that should be restricted. The issue was published to the CVE List on May 27, 2026, and carri [truncated]
A Missing Authorization vulnerability in the ElementsKit Elementor addons Lite WordPress plugin allows authenticated users with low privileges to exploit incorrectly configured access control security levels. The vulnerability affects versions up to and including 3.9.6. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) indicates network attack vector, low attack complexity, low privileges required [truncated]
