Royal-elementor-addons

Royal Elementor Addons

58 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-5818

  • EPSS 0.2%
  • Veröffentlicht 24.07.2024 13:15:10
  • Zuletzt bearbeitet 21.11.2024 09:48:23

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget in all versions up to, and including, 1.3.980 due to insufficient input sanitization and...

5.4

CVE-2024-4489

  • EPSS 0.36%
  • Veröffentlicht 07.06.2024 07:15:47
  • Zuletzt bearbeitet 21.11.2024 09:42:55

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘custom_upload_mimes’ function in versions up to, and including, 1.3.976 due to insufficient input sanitization and output escaping. Th...

5.4

CVE-2024-4488

  • EPSS 0.36%
  • Veröffentlicht 07.06.2024 07:15:47
  • Zuletzt bearbeitet 21.11.2024 09:42:55

The Royal Elementor Addons and Templates for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘inline_list’ parameter in versions up to, and including, 1.3.976 due to insufficient input sanitization and output escaping. This makes it po...

5.4

CVE-2024-4342

  • EPSS 0.46%
  • Veröffentlicht 01.06.2024 06:15:09
  • Zuletzt bearbeitet 08.01.2025 16:34:29

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's image hotspot, image accordion, off canvas, woogrid, and product mini cart widgets in all versions up to, and including, 1.3.9...

5.4

CVE-2024-4087

  • EPSS 0.36%
  • Veröffentlicht 01.06.2024 06:15:08
  • Zuletzt bearbeitet 08.01.2025 16:49:54

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Back to Top widget in all versions up to, and including, 1.3.975 due to insufficient input sanitization and output escaping on...

9.8

CVE-2024-32786

  • EPSS 0.14%
  • Veröffentlicht 17.05.2024 10:15:10
  • Zuletzt bearbeitet 10.03.2025 14:04:00

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through 1.3.93.

5.4

CVE-2024-3887

  • EPSS 0.31%
  • Veröffentlicht 16.05.2024 09:15:15
  • Zuletzt bearbeitet 15.01.2025 18:01:34

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Form Builder widget in all versions up to, and including, 1.3.974 due to insufficient input sanitization and output escaping on user su...

6.4

CVE-2024-3675

  • EPSS 0.25%
  • Veröffentlicht 02.05.2024 17:15:29
  • Zuletzt bearbeitet 08.01.2025 21:11:01

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Flip Carousel, Flip Box, Post Grid, and Taxonomy List widgets in all versions up to, and including, 1.3.971 due to insufficien...

9.8

CVE-2024-1567

  • EPSS 3.72%
  • Veröffentlicht 02.05.2024 17:15:11
  • Zuletzt bearbeitet 08.01.2025 20:47:46

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to limited file uploads due to missing file type validation in the 'file_validity' function in all versions up to, and including, 1.3.94. This makes it possible for unauthent...

6.4

CVE-2024-3889

  • EPSS 0.11%
  • Veröffentlicht 23.04.2024 06:15:07
  • Zuletzt bearbeitet 10.01.2025 21:35:50

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Advanced Accordion widget in all versions up to, and including, 1.3.971 due to insufficient input sanitization and output esca...