Leap13

Premium Addons For Elementor

37 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-69300

  • EPSS 0.03%
  • Veröffentlicht 22.01.2026 16:52:31
  • Zuletzt bearbeitet 27.01.2026 18:15:54

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premium Addons for Elementor: from n/a through <= 4.11....

7.5

CVE-2025-68494

  • EPSS 0.05%
  • Veröffentlicht 24.12.2025 12:31:19
  • Zuletzt bearbeitet 20.01.2026 15:19:40

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Premium Addons for Elementor: from...

4.3

CVE-2025-14163

  • EPSS 0.02%
  • Veröffentlicht 23.12.2025 09:20:01
  • Zuletzt bearbeitet 05.01.2026 18:16:03

The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insert_inner_template' function. This makes it possible f...

5.3

CVE-2025-14155

  • EPSS 0.68%
  • Veröffentlicht 23.12.2025 09:19:59
  • Zuletzt bearbeitet 05.01.2026 18:17:36

The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_template_content' function in all versions up to, and including,...

5.4

CVE-2024-11937

  • EPSS 0.02%
  • Veröffentlicht 04.07.2025 07:22:18
  • Zuletzt bearbeitet 09.07.2025 17:44:13

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's linkURL in the Mobile Menu element in all versions up to, and including, 4.10.69 due to insufficient input sanitization and output esc...

5.4

CVE-2025-4774

  • EPSS 0.04%
  • Veröffentlicht 10.06.2025 11:22:51
  • Zuletzt bearbeitet 16.07.2025 16:24:29

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output esc...

8.8

CVE-2024-56225

  • EPSS 0.21%
  • Veröffentlicht 31.12.2024 11:15:08
  • Zuletzt bearbeitet 06.03.2025 19:02:47

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Premium Addons for Elementor: from n/a through 4.10.56.

5.4

CVE-2024-10266

  • EPSS 0.23%
  • Veröffentlicht 29.10.2024 11:15:03
  • Zuletzt bearbeitet 07.03.2025 14:55:48

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Box widget in all versions up to, and including, 4.10.60 due to insufficient input sanitization and output escaping on user supp...

4.3

CVE-2021-4445

Exploit
  • EPSS 0.13%
  • Veröffentlicht 16.10.2024 07:15:10
  • Zuletzt bearbeitet 06.03.2025 18:13:11

The Premium Addons for Elementor plugin for WordPress is vulnerable to Arbitrary Option Updates in versions up to, and including, 4.5.1. This is due to missing capability and nonce checks in the pa_dismiss_admin_notice AJAX action. This makes it poss...

5.4

CVE-2024-8681

  • EPSS 0.59%
  • Veröffentlicht 27.09.2024 07:15:05
  • Zuletzt bearbeitet 04.10.2024 19:04:49

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficient input sanitization and output escaping on user sup...