Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
addons vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-25027
The PowerPack Addons for Elementor WordPress plugin prior to 2.6.2 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
Ideabox Powerpack Addons For Elementor
NA
CVE-2024-24831
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Elementor: from n/a up to and including 4.10.16.
Leap13 Premium Addons For Elementor
383
VMScore
CVE-2022-0327
The Master Addons for Elementor WordPress plugin prior to 1.8.5 does not sanitise and escape the error_message parameter before outputting it back in the response of the jltma_restrict_content AJAX action, available to unauthenticated and authenticated users, leading to a Reflect...
Jeweltheme Master Addons For Elementor
NA
CVE-2023-6984
The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.13. This is due to missing or incorrect nonce validation in the powerpack-lite-for-elementor/clas...
Ideabox Powerpack Addons For Elementor
NA
CVE-2024-0585
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 5.9.4 due to insuf...
Wpdeveloper Essential Addons For Elementor
NA
CVE-2024-0586
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Login/Register Element in all versions up to, and including, 5.9.4 due to insufficient input san...
Wpdeveloper Essential Addons For Elementor
NA
CVE-2023-37390
Deserialization of Untrusted Data vulnerability in Themesflat Themesflat Addons For Elementor.This issue affects Themesflat Addons For Elementor: from n/a up to and including 2.0.0.
Themesflat Themesflat Addons For Elementor
NA
CVE-2023-6582
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.3 via the ekit_widgetarea_content function. This makes it possible for unauthenticated malicious users to obtain contents of posts in dr...
Wpmet Elements Kit Elementor Addons
570
VMScore
CVE-2020-13125
An issue exists in the "Ultimate Addons for Elementor" plugin prior to 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled.
Brainstormforce Ultimate Addons For Elementor
NA
CVE-2023-34012
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions.
Leap13 Premium Addons For Elementor
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »