Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
addons vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-24262
The “WooLentor – WooCommerce Elementor Addons + Builder” WordPress Plugin prior to 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Hasthemes Woolentor - Woocommerce Elementor Addons + Builder
6.1
CVSSv3
CVE-2021-24358
The Plus Addons for Elementor Page Builder WordPress plugin prior to 4.1.10 did not validate a redirect parameter on a specifically crafted URL before redirecting the user to it, leading to an Open Redirect issue.
Posimyth The Plus Addons For Elementor
5.3
CVSSv3
CVE-2021-24359
The Plus Addons for Elementor Page Builder WordPress plugin prior to 4.1.11 did not properly check that a user requesting a password reset was the legitimate user, allowing an malicious user to send an arbitrary reset password email to a registered user on behalf of the WordPress...
Posimyth The Plus Addons For Elementor
8.8
CVSSv3
CVE-2021-4331
The Plus Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 4.1.9 (pro) and 2.0.6 (free). The plugin adds a registration form to the Elementor page builders functionality. As part of the registration form, users can ch...
Posimyth The Plus Addons For Elementor
5.3
CVSSv3
CVE-2024-35728
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Themeisle PPOM for WooCommerce allows Code Inclusion.This issue affects PPOM for WooCommerce: from n/a up to and including 32.0.20.
Themeisle Product Addons & Fields For Woocommerce
9.8
CVSSv3
CVE-2021-24175
The Plus Addons for Elementor Page Builder WordPress plugin prior to 4.1.7 was being actively exploited to by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user (including admin) by just providing the related username, as well as creat...
Posimyth The Plus Addons For Elementor
4.3
CVSSv3
CVE-2023-23882
Missing Authorization vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a up to and including 1.5.5.
Brainstormforce Ultimate Addons For Beaver Builder
7.2
CVSSv3
CVE-2023-6925
The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importZipFile' function in versions up to, and including, 1.0.42. This makes it possible for authenticated attack...
Unitecms Unlimited Addons For Wpbakery Page Builder
8.8
CVSSv3
CVE-2023-51402
Cross-Site Request Forgery (CSRF) vulnerability in Brain Storm Force Ultimate Addons for WPBakery Page Builder.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a up to and including 3.19.17.
Brainstormforce Ultimate Addons For Wpbakery Page Builder
5.4
CVSSv3
CVE-2023-46211
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder plugin <= 3.19.14 versions.
Brainstormforce Ultimate Addons For Wpbakery Page Builder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »