{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1793", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-02-03T08:23:17.991Z", "datePublished": "2026-02-15T03:24:34.335Z", "dateUpdated": "2026-04-08T16:54:39.864Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:54:39.864Z"}, "affected": [{"vendor": "bdthemes", "product": "Element Pack \u2013 Widgets, Templates & Addons for Elementor", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "8.3.17", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'render_svg' function. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."}], "title": "Element Pack Addons for Elementor <= 8.3.17 - Authenticated (Contributor+) Arbitrary File Read", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/58f9bef5-6596-40b2-bcb6-d686e87d8d8f?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/bdthemes-element-pack-lite/tags/8.3.16/modules/svg-image/widgets/svg-image.php#L850"}, {"url": "https://plugins.trac.wordpress.org/changeset/3452826/bdthemes-element-pack-lite#file1135"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Chiao-Lin Yu"}], "timeline": [{"time": "2026-02-03T08:39:05.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-02-14T14:34:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-17T21:16:13.353705Z", "id": "CVE-2026-1793", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-17T21:16:22.341Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1793", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-17T21:16:13.353705Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-17T21:16:18.444Z"}}], "cna": {"title": "Element Pack Addons for Elementor <= 8.3.17 - Authenticated (Contributor+) Arbitrary File Read", "credits": [{"lang": "en", "type": "finder", "value": "Chiao-Lin Yu"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "bdthemes", "product": "Element Pack Addons for Elementor", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "8.3.17"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-02-03T08:39:05.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-02-14T14:34:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/58f9bef5-6596-40b2-bcb6-d686e87d8d8f?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/bdthemes-element-pack-lite/tags/8.3.16/modules/svg-image/widgets/svg-image.php#L850"}, {"url": "https://plugins.trac.wordpress.org/changeset/3452826/bdthemes-element-pack-lite#file1135"}], "descriptions": [{"lang": "en", "value": "The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'render_svg' function. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-02-15T03:24:34.335Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1793", "state": "PUBLISHED", "dateUpdated": "2026-02-17T21:16:22.341Z", "dateReserved": "2026-02-03T08:23:17.991Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-02-15T03:24:34.335Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'render_svg' function. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."}, {"lang": "es", "value": "El plugin Element Pack Addons para Elementor para WordPress es vulnerable a lecturas de archivos arbitrarios en todas las versiones hasta, e incluyendo, 8.3.17 a trav\u00e9s del widget SVG y una falta de validaci\u00f3n suficiente de archivos en la funci\u00f3n 'render_svg'. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, lean el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n sensible."}], "id": "CVE-2026-1793", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-02-15T04:15:54.260", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/bdthemes-element-pack-lite/tags/8.3.16/modules/svg-image/widgets/svg-image.php#L850"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3452826/bdthemes-element-pack-lite#file1135"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/58f9bef5-6596-40b2-bcb6-d686e87d8d8f?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,8.3.17]"}}], "product": "element_pack_addons_for_elementor", "vendor": "bdthemes"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-15T18:22:22.942020+00:00", "value": {"mitigation_remediation": ["Update Element Pack to a version newer than 8.3.17, or apply any vendor\u2011issued patch that addresses the 'render_svg' validation issue", "If the SVG widget is not needed for site functionality, disable it entirely to eliminate the attack surface", "Audit and adjust file system permissions so that the web server process can read only the files required for normal operation, reducing the risk of sensitive data exposure", "Review and tighten WordPress user role assignments, ensuring contributor accounts have no unnecessary file\u2011read or editor capabilities"], "summary": {"action": "Patch", "impact": "Arbitrary File Read"}, "threat_synthesis": {"affected_systems": "The flaw affects all releases of the bdthemes Element Pack \u2013 Widgets, Templates & Addons for Elementor plugin up to and including version 8.3.17. Any WordPress installation deploying these plugin versions is at risk, regardless of the site's public exposure. The affected components are the SVG widget and its internal file handling logic.", "description_and_impact": "The Element Pack Addons for Elementor plugin for WordPress allows an authenticated attacker with contributor-level access to read any file on the server via the SVG widget. The vulnerability stems from insufficient file validation in the 'render_svg' function, enabling read operations with arbitrary file paths. Successful exploitation could expose sensitive files such as configuration, credentials, or private data, compromising confidentiality and potentially facilitating further attacks.", "risk_and_exploitability": "The CVSS score of 6.5 indicates moderate severity, and the EPSS score of less than 1% suggests a low likelihood of widespread exploitation. The vulnerability is not listed in the CISA KEV catalog, implying it has not been observed in the wild or linked to known exploit kits. Because the attack requires authenticated contributor or higher permissions, the risk is primarily internal, relying on compromised user credentials or weak role assignments. While the potential impact includes unauthorized data exposure, the overall threat landscape remains moderate without an active exploit available."}}}}, "created": "2026-02-16T09:43:17.189667+00:00", "updated": "2026-04-15T18:30:10.940603+00:00", "vendors": ["bdthemes", "bdthemes$PRODUCT$element_pack_addons_for_elementor", "wordpress", "wordpress$PRODUCT$wordpress"]}