CVE-2025-39589

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Retrieve Embedded Sensitive Data.This issue affects Essential Addons for Elementor: from n/a through <= 6.1.9.

CVSS

No CVSS.

References

Link	Resource
https://patchstack.com/database/Wordpress/Plugin/essential-addons-for-elementor-lite/vulnerability/wordpress-essential-addons-for-elementor-6-1-9-sensitive-data-exposure-vulnerability?_s_id=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*

History

01 Apr 2026, 17:23

Type	Values Removed	Values Added
References	{'url': 'https://patchstack.com/database/wordpress/plugin/essential-addons-for-elementor-lite/vulnerability/wordpress-essential-addons-for-elementor-6-1-9-sensitive-data-exposure-vulnerability?_s_id=cve', 'tags': ['Third Party Advisory'], 'source': 'audit@patchstack.com'}	() https://patchstack.com/database/Wordpress/Plugin/essential-addons-for-elementor-lite/vulnerability/wordpress-essential-addons-for-elementor-6-1-9-sensitive-data-exposure-vulnerability?_s_id=cve - Third Party Advisory
Summary	(en) Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Essential Addons for Elementor: from n/a through 6.1.9.	(en) Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Retrieve Embedded Sensitive Data.This issue affects Essential Addons for Elementor: from n/a through <= 6.1.9.
CVSS	v2 : ~~unknown~~ v3 : ~~4.3~~	v2 : unknown v3 : unknown

28 Jan 2026, 15:26

Type	Values Removed	Values Added
First Time		Wpdeveloper essential Addons For Elementor Wpdeveloper
Summary		(es) Exposición de información sensible del sistema a una vulnerabilidad de esfera de control no autorizada en WPDeveloper Essential Addons for Elementor permite recuperar datos confidenciales incrustados. Este problema afecta a los complementos esenciales para Elementor desde la versión n/d hasta la 6.1.9.
References	~~() https://patchstack.com/database/wordpress/plugin/essential-addons-for-elementor-lite/vulnerability/wordpress-essential-addons-for-elementor-6-1-9-sensitive-data-exposure-vulnerability?_s_id=cve -~~	() https://patchstack.com/database/wordpress/plugin/essential-addons-for-elementor-lite/vulnerability/wordpress-essential-addons-for-elementor-6-1-9-sensitive-data-exposure-vulnerability?_s_id=cve - Third Party Advisory
CPE		cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:::::lite:wordpress::

16 Apr 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-16 13:15

Updated : 2026-04-01 17:23

NVD link : CVE-2025-39589

Mitre link : CVE-2025-39589

CVE.ORG link : CVE-2025-39589

JSON object : View

Products Affected

wpdeveloper

essential_addons_for_elementor

CWE

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

JSON object

Attach tags to CVE-2025-39589

Attach tags to `CVE-2025-39589`