CVE-2026-24386
WordPress Element Invader โ Template Kits for Elementor plugin <= 1.2.4 - Broken Access Control vulnerability
CVSS Score
4.3
EPSS Score
0.0%
EPSS Percentile
0th
Missing Authorization vulnerability in Element Invader Element Invader – Template Kits for Elementor elementinvader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Invader – Template Kits for Elementor: from n/a through <= 1.2.4.
| CWE | CWE-862 |
| Vendor | element invader |
| Product | element invader – template kits for elementor |
| Published | Jan 22, 2026 |
| Last Updated | Apr 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for element invader element invader – template kits for elementor
Be the first to know when new medium vulnerabilities affecting element invader element invader – template kits for elementor are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Element Invader / Element Invader – Template Kits for Elementor
0 โค 1.2.4
References
Credits
Nabil Irawan | Patchstack Bug Bounty Program