The Unlimited Elements For Elementor plugin for WordPress has a security issue that could allow hackers to access sensitive information from the database. This vulnerability is caused by a lack of proper protection on a specific parameter called ‘addons_order’ and the way the SQL query is prepared. Attackers with Contributor-level access or higher and permission to edit plugin settings could potentially add their own SQL queries to the existing ones, putting the website at risk.