Access Control Flaw in News Kit Elementor Addons by BlazeThemes
CVE-2026-25416

Currently unrated

Key Information:

Vendor

WordPress
Status
News Kit Elementor Addons
Vendor
CVE Published:
19 February 2026

What is CVE-2026-25416?

A missing authorization vulnerability exists in the News Kit Elementor Addons by BlazeThemes. This flaw allows attackers to exploit incorrectly configured access control security levels, potentially gaining unauthorized access to sensitive functionality within the plugin. This issue affects versions up to and including 1.4.2, making it crucial for users to update to the latest version to ensure their systems remain secure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

News Kit Elementor Addons <= n/a

References

https://patchstack.com/database/Wordpress/Plugin/news-kit...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

0xd4rk5id3 | Patchstack Bug Bounty Program
JSON
.