CVE-2026-1793
📋 TL;DR
The Element Pack Addons for Elementor WordPress plugin contains an arbitrary file read vulnerability in its SVG widget. Authenticated attackers with contributor-level access or higher can read sensitive files on the server. All versions up to 8.3.17 are affected.
💻 Affected Systems
- Element Pack Addons for Elementor WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could read sensitive configuration files (wp-config.php), database credentials, SSH keys, or other critical system files leading to complete site compromise.
Likely Case
Attackers with contributor access could read WordPress configuration files to obtain database credentials, potentially leading to database takeover and privilege escalation.
If Mitigated
With proper access controls and file permissions, impact is limited to files readable by the web server user, but sensitive configuration files are typically accessible.
🎯 Exploit Status
Exploitation requires authenticated access but is straightforward once authenticated. The vulnerability is well-documented with public proof-of-concept available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 8.3.18 and later
Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3452826/bdthemes-element-pack-lite#file1135
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'Element Pack Addons for Elementor'. 4. Click 'Update Now' if available. 5. Alternatively, download version 8.3.18+ from WordPress repository and manually update.
🔧 Temporary Workarounds
Disable SVG Widget
allTemporarily disable the vulnerable SVG widget feature in Element Pack settings
Restrict Contributor Access
allTemporarily remove contributor-level access or limit to trusted users only
🧯 If You Can't Patch
- Remove or disable the Element Pack plugin entirely until patched
- Implement strict file permissions (chmod 600) on sensitive configuration files like wp-config.php
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Element Pack Addons for Elementor → Version number. If version is 8.3.17 or lower, you are vulnerable.Check Version:
wp plugin list --name='Element Pack Addons for Elementor' --field=versionVerify Fix Applied:
After updating, verify version is 8.3.18 or higher in WordPress plugins list.📡 Detection & Monitoring
Log Indicators:
- Unusual file access patterns in web server logs, particularly requests to SVG widget endpoints with file path parameters
Network Indicators:
- HTTP requests to /wp-admin/admin-ajax.php with action=element_pack_svg_render containing file path parameters
SIEM Query:
source="web_server_logs" AND uri="/wp-admin/admin-ajax.php" AND query="action=element_pack_svg_render" AND (query="file=" OR query="path=")🔗 References
- https://plugins.trac.wordpress.org/browser/bdthemes-element-pack-lite/tags/8.3.16/modules/svg-image/widgets/svg-image.php#L850
- https://plugins.trac.wordpress.org/changeset/3452826/bdthemes-element-pack-lite#file1135
- https://www.wordfence.com/threat-intel/vulnerabilities/id/58f9bef5-6596-40b2-bcb6-d686e87d8d8f?source=cve
