A vulnerability was found in wproyal Royal Addons for Elementor Plugin up to 1.7.1049 on WordPress. It has been declared as problematic . Affected is the function get_main_query_args . Such manipulation leads to missing authorization. This vulnerability is referenced as CVE-2026-2373 . It is possible to launch the attack remotely. No exploit is available.