CVE ID :CVE-2026-1870 Published : March 14, 2026, 1:24 p.m. | 1 hour, 29 minutes ago Description :The Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing validation checks on the 'thim-ekit/archive-course/get-courses' REST endpoint callback function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to disclose private or draft LearnPress course content by supplying post_status in the params_url payload. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...