Tech Apr 18, 2026 4 min CVE-2026-4326 in Vertex Addons for Elementor Lets Subscribers Install Arbitrary Plugins The WordPress plugin Vertex Addons for Elementor (<= v1.6.4) has a broken authorization check in activate_required_plugins() that lets Subscriber-level users install and activate arbitrary plugins. CWE-862, CVSS 8.8. Security WordPress CVE Vulnerability Elementor Wordfence
