CVE-2025-0968 is a vulnerability classified under CWE-284 (Improper Access Control) affecting the ElementsKit Elementor addons plugin for WordPress. The root cause is the absence of proper capability checks in the get_megamenu_content() function, which is responsible for retrieving menu content created via Elementor. This flaw allows unauthenticated remote attackers to bypass access controls and retrieve any Elementor content, including sensitive drafts, trashed items, and private pages or templates that should normally be restricted. The vulnerability impacts all versions of the plugin up to and including 3.4.0. Since the attack vector is network-based and requires no privileges or user interaction, it is relatively easy to exploit. The exposure of sensitive content can lead to information leakage, potentially aiding further attacks such as social engineering or reconnaissance. No known public exploits have been reported yet, but the vulnerability is publicly disclosed and assigned CVE-2025-0968 with a CVSS v3.1 base score of 5.3, indicating a medium severity level. The vulnerability specifically compromises confidentiality but does not affect integrity or availability of the system. The plugin is widely used in WordPress sites that utilize Elementor for page building, making a broad range of websites potentially vulnerable until patched.

The primary impact of CVE-2025-0968 is the unauthorized disclosure of sensitive information stored within Elementor-created content on WordPress sites using the ElementsKit addon. This includes access to unpublished drafts, private pages, trashed items, and templates that may contain confidential business information, intellectual property, or personal data. Such exposure can facilitate further attacks like targeted phishing, social engineering, or reconnaissance by adversaries. While the vulnerability does not allow modification or deletion of content, the breach of confidentiality can damage organizational reputation and violate data privacy regulations. Since the vulnerability requires no authentication and can be exploited remotely, any affected website is at risk of data leakage. Organizations relying on this plugin for their web presence, especially those hosting sensitive or proprietary content, face increased risk until remediation is applied. The medium CVSS score reflects moderate risk, but the ease of exploitation and scope of affected sites could lead to widespread information exposure.

To mitigate CVE-2025-0968, organizations should immediately update the ElementsKit Elementor addons plugin to a version that includes proper capability checks once released by the vendor. Until an official patch is available, administrators can implement the following specific measures: 1) Restrict access to the get_megamenu_content() endpoint by configuring web application firewalls (WAF) or server rules to block unauthenticated requests targeting this function. 2) Limit plugin usage to trusted administrators and disable or remove the plugin if it is not essential. 3) Harden WordPress security by enforcing strict user role permissions and monitoring access logs for suspicious requests to Elementor-related endpoints. 4) Employ content access control plugins that provide additional layers of authorization checks beyond the vulnerable plugin. 5) Regularly audit website content visibility settings to ensure sensitive drafts or private pages are not inadvertently exposed. 6) Monitor threat intelligence sources for any emerging exploits and apply patches promptly. These targeted mitigations go beyond generic advice by focusing on access control enforcement and minimizing attack surface until the vendor patch is available.