Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elementor vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2024-0823
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Link To' url in carousels in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping on user supplied attributes. Th...
Devscred Exclusive Addons For Elementor
5.4
CVSSv3
CVE-2024-0824
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Link Anything functionality in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
Devscred Exclusive Addons For Elementor
6.1
CVSSv3
CVE-2023-41236
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Happy addons Happy Elementor Addons Pro plugin <= 2.8.0 versions.
Wedevs Happy Addons For Elementor
7.5
CVSSv3
CVE-2019-15839
The sina-extension-for-elementor plugin prior to 2.2.1 for WordPress has local file inclusion.
Shaosina Sina Extension For Elementor
5.4
CVSSv3
CVE-2023-0280
The Ultimate Carousel For Elementor WordPress plugin up to and including 2.1.7 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored...
Topdigitaltrends Ultimate Carousel For Elementor
4.3
CVSSv3
CVE-2023-0495
The HT Slider For Elementor WordPress plugin prior to 1.4.0 does not have CSRF check when activating plugins, which could allow malicious users to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
Hasthemes Ht Slider For Elementor
8.8
CVSSv3
CVE-2023-28989
Cross-Site Request Forgery (CSRF) vulnerability in weDevs Happy Addons for Elementor plugin <= 3.8.2 versions.
Wedevs Happy Addons For Elementor
5.4
CVSSv3
CVE-2021-24273
The “Clever Addons for Elementor” WordPress Plugin prior to 2.1.0 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Cleversoft Clever Addons For Elementor
5.4
CVSSv3
CVE-2021-24292
The Happy Addons for Elementor WordPress plugin prior to 2.24.0, Happy Addons Pro for Elementor WordPress plugin prior to 1.17.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting(XSS) by lower-privileged users such as contributors, all via a similar meth...
Wedevs Happy Addons For Elementor
5.4
CVSSv3
CVE-2024-0954
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting through editing context via the 'data-eael-wrapper-link' wrapper in all versions up to, and in...
Wpdeveloper Essential Addons For Elementor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »