The Royal Elementor Addons and Templates plugin for WordPress has a security issue where anyone with Contributor-level access or higher can view private or draft posts created with Elementor. This vulnerability, found in all versions up to 1.7.1003, is caused by inadequate restrictions on the ‘wpr-template’ shortcode.