Webtechstreet

Elementor Addon Elements

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-2792

  • EPSS 0.52%
  • Veröffentlicht 09.04.2024 19:15:37
  • Zuletzt bearbeitet 17.01.2025 14:59:06

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in all versions up to, and including, 1.13.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

5.4

CVE-2024-30422

  • EPSS 0.18%
  • Veröffentlicht 28.03.2024 09:15:08
  • Zuletzt bearbeitet 05.02.2025 15:44:01

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through 1.13.1.

4.6

CVE-2024-2091

  • EPSS 0.2%
  • Veröffentlicht 28.03.2024 03:15:07
  • Zuletzt bearbeitet 17.01.2025 18:35:09

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 1.13.1 due to insufficient input sanitization and output escaping on user supplied attribute...

5.4

CVE-2024-29107

  • EPSS 0.09%
  • Veröffentlicht 19.03.2024 16:15:15
  • Zuletzt bearbeitet 28.01.2025 18:25:39

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through 1.12.10.

5.4

CVE-2024-1422

  • EPSS 0.17%
  • Veröffentlicht 13.03.2024 16:15:22
  • Zuletzt bearbeitet 17.01.2025 19:56:49

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the modal popup widget's effect setting in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping on use...

5.4

CVE-2024-1393

  • EPSS 0.3%
  • Veröffentlicht 13.03.2024 16:15:21
  • Zuletzt bearbeitet 17.01.2025 19:54:07

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'icon_align' attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and outp...

5.4

CVE-2024-1392

  • EPSS 0.28%
  • Veröffentlicht 13.03.2024 16:15:21
  • Zuletzt bearbeitet 17.01.2025 19:53:57

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button1_icon' attribute of the Dual Button widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output ...

5.4

CVE-2024-1391

  • EPSS 0.3%
  • Veröffentlicht 13.03.2024 16:15:21
  • Zuletzt bearbeitet 17.01.2025 19:52:57

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eae_custom_overlay_switcher’ attribute of the Thumbnail Slider widget in all versions up to, and including, 1.12.12 due to insufficient input sani...

6.5

CVE-2024-1358

  • EPSS 2.61%
  • Veröffentlicht 13.03.2024 16:15:19
  • Zuletzt bearbeitet 17.01.2025 19:52:41

The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to in...

5.4

CVE-2024-0834

  • EPSS 0.23%
  • Veröffentlicht 05.02.2024 22:16:05
  • Zuletzt bearbeitet 21.11.2024 08:47:28

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link_to parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible ...