Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elementor vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-0683
The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the ~/includes/Traits/Helper.php file which allows malicious users to inject arbitrary web scripts onto ...
Wpdeveloper Essential Addons For Elementor
6.1
CVSSv3
CVE-2022-2116
The Contact Form DB WordPress plugin prior to 1.8.0 does not sanitise and escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting
Webacetechs Contact Form Db - Elementor
8.8
CVSSv3
CVE-2022-47169
Cross-Site Request Forgery (CSRF) vulnerability in StaxWP Visibility Logic for Elementor plugin <= 2.3.4 versions.
Staxwp Visibility Logic For Elementor
5.4
CVSSv3
CVE-2021-24273
The “Clever Addons for Elementor” WordPress Plugin prior to 2.1.0 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Cleversoft Clever Addons For Elementor
9.8
CVSSv3
CVE-2023-37390
Deserialization of Untrusted Data vulnerability in Themesflat Themesflat Addons For Elementor.This issue affects Themesflat Addons For Elementor: from n/a up to and including 2.0.0.
Themesflat Themesflat Addons For Elementor
6.1
CVSSv3
CVE-2023-6632
The Happy Addons for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via DOM in all versions up to and including 3.9.1.1 (versions up to 2.9.1.1 in Happy Addons for Elementor Pro) due to insufficient input sanitization and output escaping. This make...
Wedevs Happy Addons For Elementor
6.5
CVSSv3
CVE-2023-51676
Server-Side Request Forgery (SSRF) vulnerability in Leevio Happy Addons for Elementor.This issue affects Happy Addons for Elementor: from n/a up to and including 3.9.1.1.
Wedevs Happy Addons For Elementor
6.1
CVSSv3
CVE-2023-41236
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Happy addons Happy Elementor Addons Pro plugin <= 2.8.0 versions.
Wedevs Happy Addons For Elementor
9.8
CVSSv3
CVE-2022-0320
The Essential Addons for Elementor WordPress plugin prior to 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated malicious users to perform Local File Inclusion attack and read arbitrary files on the serv...
Wpdeveloper Essential Addons For Elementor
1 Github repository
4.3
CVSSv3
CVE-2023-6984
The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.13. This is due to missing or incorrect nonce validation in the powerpack-lite-for-elementor/clas...
Ideabox Powerpack Addons For Elementor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »