Leap13

Premium Addons For Elementor

37 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-6824

  • EPSS 0.19%
  • Veröffentlicht 08.08.2024 06:15:41
  • Zuletzt bearbeitet 08.01.2025 21:19:51

The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'check_temp_validity' and 'update_template_title' functions in all versions up to, and includin...

5.4

CVE-2024-37922

  • EPSS 0.14%
  • Veröffentlicht 20.07.2024 09:15:05
  • Zuletzt bearbeitet 03.02.2025 15:41:55

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Elementor: from n/a through 4.10.34.

5.4

CVE-2024-6495

  • EPSS 0.31%
  • Veröffentlicht 12.07.2024 13:15:21
  • Zuletzt bearbeitet 15.01.2025 17:37:12

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user ...

4.3

CVE-2024-6434

  • EPSS 0.09%
  • Veröffentlicht 04.07.2024 09:15:05
  • Zuletzt bearbeitet 21.11.2024 09:49:38

The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 4.10.35. This is due to processing user-supplied input as a regular expression. This makes it po...

5.4

CVE-2024-6340

  • EPSS 0.23%
  • Veröffentlicht 03.07.2024 08:15:10
  • Zuletzt bearbeitet 21.11.2024 09:49:27

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 4.10.35 due to insufficient input sanitization and output escaping on user supp...

5.4

CVE-2024-5553

  • EPSS 0.36%
  • Veröffentlicht 12.06.2024 04:15:13
  • Zuletzt bearbeitet 15.01.2025 17:29:08

The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via several parameters in all versions up to, and including, 4.10.33 due to insufficient input sanitization and output escaping. This makes i...

5.4

CVE-2024-4379

  • EPSS 0.36%
  • Veröffentlicht 31.05.2024 06:15:13
  • Zuletzt bearbeitet 15.01.2025 17:56:38

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Global Tooltip widget in all versions up to, and including, 4.10.31 due to insufficient input sanitization and output escaping on user...

5.4

CVE-2024-4376

  • EPSS 0.36%
  • Veröffentlicht 31.05.2024 06:15:13
  • Zuletzt bearbeitet 15.01.2025 17:55:38

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in all versions up to, and including, 4.10.31 due to insufficient input sanitization and output escaping on user sup...

4.3

CVE-2024-4205

  • EPSS 0.38%
  • Veröffentlicht 31.05.2024 06:15:12
  • Zuletzt bearbeitet 15.01.2025 17:50:27

The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_template_content() function in all versions up to, and including, 4.10.31. This makes it possible for auth...

5.4

CVE-2024-4378

  • EPSS 0.23%
  • Veröffentlicht 23.05.2024 11:15:24
  • Zuletzt bearbeitet 08.01.2025 20:07:57

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's menu and shape widgets in all versions up to, and including, 4.10.30 due to insufficient input sanitization and output escaping on use...