Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
addons vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0448
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget URL parameters in all versions up to, and including, 8.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authen...
Livemesh Elementor Addons
NA
CVE-2023-37868
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a up to and including 2.9.0.
Leap13 Premium Addons
312
VMScore
CVE-2020-26239
Scratch Addons is a WebExtension that supports both Chrome and Firefox. Scratch Addons before version 1.3.2 is vulnerable to DOM-based XSS. If the victim visited a specific website, the More Links addon of the Scratch Addons extension used incorrect regular expression which cause...
Scratchaddons Scratch Addons
NA
CVE-2022-4784
The Hueman Addons WordPress plugin up to and including 2.3.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-...
Presscustomizr Hueman Addons
NA
CVE-2024-22136
Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder.This issue affects Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder: from n/a up to and in...
Droitthemes Droit Elementor Addons
NA
CVE-2023-47840
Improper Control of Generation of Code ('Code Injection') vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a up to and including 1.5.2.
Qodeinteractive Qode Essential Addons
1 Github repository
383
VMScore
CVE-2015-2690
Multiple cross-site scripting (XSS) vulnerabilities in views/add-license-form.php in the Digium Addons module (digiumaddoninstaller) prior to 2.11.0.7 for FreePBX allow remote malicious users to inject arbitrary web script or HTML via the (1) add_license_key, (2) add_license_firs...
Digium Addons Module 2.11.0.6
NA
CVE-2023-50027
SQL Injection vulnerability in Buy Addons baproductzoommagnifier module for PrestaShop versions 1.0.16 and before, allows remote malicious users to escalate privileges and gain sensitive information via BaproductzoommagnifierZoomModuleFrontController::run() method.
Buy-addons Bazoom Magnifier
312
VMScore
CVE-2021-24260
The “Livemesh Addons for Elementor” WordPress Plugin prior to 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Livemeshelementor Addons For Elementor
NA
CVE-2022-3862
The Livemesh Addons for Elementor WordPress plugin prior to 7.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for exa...
Livemeshelementor Addons For Elementor
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »