A vulnerability, which was classified as critical , has been found in Unlimited Elements For Elementor Plugin up to 2.0.8 on WordPress. This impacts an unknown function. Performing a manipulation results in sql injection. This vulnerability was named CVE-2026-48837 . The attack may be initiated remotely. There is no available exploit.