Royal-elementor-addons

Royal Elementor Addons

59 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-56062

  • EPSS 0.24%
  • Veröffentlicht 31.12.2024 23:15:41
  • Zuletzt bearbeitet 23.04.2026 15:22:35

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through <= 1.3.987.

4.3

CVE-2024-56227

  • EPSS 0.27%
  • Veröffentlicht 31.12.2024 11:15:08
  • Zuletzt bearbeitet 23.04.2026 15:22:39

Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1001.

6.1

CVE-2024-56226

  • EPSS 0.27%
  • Veröffentlicht 31.12.2024 11:15:08
  • Zuletzt bearbeitet 23.04.2026 15:22:39

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1001.

4.3

CVE-2024-10798

  • EPSS 0.38%
  • Veröffentlicht 28.11.2024 10:15:05
  • Zuletzt bearbeitet 04.03.2025 18:19:12

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1003 via the 'wpr-template' shortcode due to insufficient restrictions on which posts can be included. This ...

5.4

CVE-2024-9682

  • EPSS 0.41%
  • Veröffentlicht 13.11.2024 09:15:04
  • Zuletzt bearbeitet 19.11.2024 15:47:07

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Form Builder widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping ...

5.4

CVE-2024-9668

  • EPSS 0.4%
  • Veröffentlicht 13.11.2024 09:15:04
  • Zuletzt bearbeitet 19.11.2024 15:55:00

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping on ...

5.4

CVE-2024-9059

  • EPSS 0.4%
  • Veröffentlicht 13.11.2024 09:15:03
  • Zuletzt bearbeitet 19.11.2024 15:53:56

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping. This make...

7.2

CVE-2024-50442

  • EPSS 0.54%
  • Veröffentlicht 28.10.2024 12:15:15
  • Zuletzt bearbeitet 23.04.2026 15:19:57

Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through <= 1.3.980.

4.3

CVE-2024-7417

  • EPSS 0.4%
  • Veröffentlicht 17.10.2024 04:15:04
  • Zuletzt bearbeitet 10.01.2025 14:32:16

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.986 via the data_fetch. This makes it possible for authenticated attackers, with subscriber-level access and...

6.4

CVE-2024-8482

  • EPSS 0.43%
  • Veröffentlicht 08.10.2024 12:15:03
  • Zuletzt bearbeitet 15.01.2025 17:43:43

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 1.3.982 due to insufficient input sanitization and output escaping. This makes it...