Royal-elementor-addons

Royal Elementor Addons

58 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-56227

  • EPSS 0.11%
  • Veröffentlicht 31.12.2024 11:15:08
  • Zuletzt bearbeitet 21.03.2025 13:16:51

Missing Authorization vulnerability in WP Royal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through 1.7.1001.

6.1

CVE-2024-56226

  • EPSS 0.11%
  • Veröffentlicht 31.12.2024 11:15:08
  • Zuletzt bearbeitet 21.03.2025 13:15:36

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through 1.7.1001.

4.3

CVE-2024-10798

  • EPSS 0.08%
  • Veröffentlicht 28.11.2024 10:15:05
  • Zuletzt bearbeitet 04.03.2025 18:19:12

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1003 via the 'wpr-template' shortcode due to insufficient restrictions on which posts can be included. This ...

5.4

CVE-2024-9682

  • EPSS 0.13%
  • Veröffentlicht 13.11.2024 09:15:04
  • Zuletzt bearbeitet 19.11.2024 15:47:07

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Form Builder widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping ...

5.4

CVE-2024-9668

  • EPSS 0.19%
  • Veröffentlicht 13.11.2024 09:15:04
  • Zuletzt bearbeitet 19.11.2024 15:55:00

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping on ...

5.4

CVE-2024-9059

  • EPSS 0.14%
  • Veröffentlicht 13.11.2024 09:15:03
  • Zuletzt bearbeitet 19.11.2024 15:53:56

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping. This make...

7.2

CVE-2024-50442

  • EPSS 0.13%
  • Veröffentlicht 28.10.2024 12:15:15
  • Zuletzt bearbeitet 29.10.2024 16:04:29

Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through 1.3.980.

4.3

CVE-2024-7417

  • EPSS 0.35%
  • Veröffentlicht 17.10.2024 04:15:04
  • Zuletzt bearbeitet 10.01.2025 14:32:16

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.986 via the data_fetch. This makes it possible for authenticated attackers, with subscriber-level access and...

6.4

CVE-2024-8482

  • EPSS 0.33%
  • Veröffentlicht 08.10.2024 12:15:03
  • Zuletzt bearbeitet 15.01.2025 17:43:43

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 1.3.982 due to insufficient input sanitization and output escaping. This makes it...

5.4

CVE-2024-44001

  • EPSS 0.4%
  • Veröffentlicht 18.09.2024 00:15:09
  • Zuletzt bearbeitet 25.09.2024 20:13:04

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through 1.3.982.