A plugin called “Unlimited Elements For Elementor” for WordPress has a security vulnerability that allows hackers to access sensitive information from the website’s database. This is due to a lack of proper protection on a certain parameter and the existing SQL query. As a result, attackers with contributor access or higher can add their own SQL queries to obtain confidential data.