Missing Authorization Vulnerability in ADD-ONS.ORG PDF for Elementor Forms by WordPress
CVE-2026-45443

5MEDIUM

Key Information:

Vendor: WordPress
Status: PDF For Elementor Forms + Drag And Drop Template Builder
Vendor: CVE Published:; 20 May 2026

What is CVE-2026-45443?

A missing authorization vulnerability exists in the ADD-ONS.ORG PDF for Elementor Forms + Drag And Drop Template Builder, which allows attackers to exploit incorrectly configured access control security levels. This issue could potentially lead to unauthorized access to sensitive data or functionality, impacting users who rely on this plugin for their forms and document management.

Affected Version(s)

PDF for Elementor Forms + Drag And Drop Template Builder <= 5.5.1

References

https://patchstack.com/database/wordpress/plugin/pdf-for-...

vdb-entry

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
May 12, 2026

Credit

Nguyen Tran Tuan Dung (domiee13) | Patchstack Bug Bounty Program

CVE-2026-45443 Data

JSON