Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
addons vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-25027
The PowerPack Addons for Elementor WordPress plugin prior to 2.6.2 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
Ideabox Powerpack Addons For Elementor
NA
CVE-2023-41236
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Happy addons Happy Elementor Addons Pro plugin <= 2.8.0 versions.
Wedevs Happy Addons For Elementor
4.3
CVSSv2
CVE-2022-0327
The Master Addons for Elementor WordPress plugin prior to 1.8.5 does not sanitise and escape the error_message parameter before outputting it back in the response of the jltma_restrict_content AJAX action, available to unauthenticated and authenticated users, leading to a Reflect...
Jeweltheme Master Addons For Elementor
NA
CVE-2023-28989
Cross-Site Request Forgery (CSRF) vulnerability in weDevs Happy Addons for Elementor plugin <= 3.8.2 versions.
Wedevs Happy Addons For Elementor
NA
CVE-2022-45067
Cross-Site Request Forgery (CSRF) vulnerability in DevsCred Exclusive Addons Elementor plugin <= 2.6.1 versions.
Devscred Exclusive Addons For Elementor
4.3
CVSSv2
CVE-2022-0683
The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the ~/includes/Traits/Helper.php file which allows malicious users to inject arbitrary web scripts onto ...
Wpdeveloper Essential Addons For Elementor
6.4
CVSSv2
CVE-2020-13125
An issue exists in the "Ultimate Addons for Elementor" plugin prior to 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled.
Brainstormforce Ultimate Addons For Elementor
NA
CVE-2023-37390
Deserialization of Untrusted Data vulnerability in Themesflat Themesflat Addons For Elementor.This issue affects Themesflat Addons For Elementor: from n/a up to and including 2.0.0.
Themesflat Themesflat Addons For Elementor
NA
CVE-2023-3779
The Essential Addons For Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 5.8.1 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthen...
Wpdeveloper Essential Addons For Elementor
NA
CVE-2024-24831
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Elementor: from n/a up to and including 4.10.16.
Leap13 Premium Addons For Elementor
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »