The Education Addon for Elementor is a plugin used for WordPress websites. Unfortunately, it has a security issue that affects all versions up to 1.3.1. This problem is known as Insecure Direct Object Reference and is caused by a lack of proper checks on a specific part of the plugin. This means that people who are signed into the website with Contributor-level access or higher can access private information from posts that aren’t supposed to be public. This vulnerability only affects posts that were created using Elementor.