Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ideabox powerpack addons for elementor vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2024-1055
The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's buttons in all versions up to, and including, 2.7.14 due to insufficient input sanitization and output escaping on u...
Ideabox Powerpack Addons For Elementor
4.3
CVSSv3
CVE-2023-6984
The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.13. This is due to missing or incorrect nonce validation in the powerpack-lite-for-elementor/clas...
Ideabox Powerpack Addons For Elementor
6.1
CVSSv3
CVE-2023-49739
[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]
Ideabox Powerpack Addons For Elementor
6.1
CVSSv3
CVE-2021-25027
The PowerPack Addons for Elementor WordPress plugin prior to 2.6.2 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
Ideabox Powerpack Addons For Elementor
5.4
CVSSv3
CVE-2021-24263
The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin prior to 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Ideabox Powerpack Addons For Elementor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started