Royal-elementor-addons

Royal Elementor Addons

58 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.4

CVE-2024-2799

  • EPSS 0.12%
  • Veröffentlicht 23.04.2024 06:15:07
  • Zuletzt bearbeitet 10.01.2025 21:35:28

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid & Advanced Text widget HTML tags in all versions up to, and including, 1.3.96 due to insufficient input sanitization and out...

6.5

CVE-2024-2798

  • EPSS 0.19%
  • Veröffentlicht 23.04.2024 06:15:07
  • Zuletzt bearbeitet 10.01.2025 21:34:59

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget containers in all versions up to, and including, 1.3.971 due to insufficient input sanitization and output escaping on ...

5.4

CVE-2024-31236

  • EPSS 0.14%
  • Veröffentlicht 07.04.2024 18:15:09
  • Zuletzt bearbeitet 08.01.2025 16:31:38

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through 1.3.93.

5.4

CVE-2024-1500

  • EPSS 0.15%
  • Veröffentlicht 07.03.2024 06:15:50
  • Zuletzt bearbeitet 08.01.2025 18:34:33

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Logo Widget in all versions up to, and including, 1.3.91 due to insufficient input sanitization and output escaping on user supplied UR...

5.3

CVE-2024-0516

  • EPSS 0.17%
  • Veröffentlicht 29.02.2024 01:43:18
  • Zuletzt bearbeitet 08.01.2025 19:06:41

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to unauthorized post metadata update due to a missing capability check on the wpr_update_form_action_meta function in all versions up to, and including, 1.3.87. This makes it...

4.3

CVE-2024-0515

  • EPSS 0.12%
  • Veröffentlicht 29.02.2024 01:43:18
  • Zuletzt bearbeitet 08.01.2025 19:02:52

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.87. This is due to missing or incorrect nonce validation on the remove_from_compare function. This mak...

4.3

CVE-2024-0514

  • EPSS 0.2%
  • Veröffentlicht 29.02.2024 01:43:18
  • Zuletzt bearbeitet 08.01.2025 18:59:31

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.87. This is due to missing or incorrect nonce validation on the add_to_compare function. This makes it...

4.3

CVE-2024-0513

  • EPSS 0.12%
  • Veröffentlicht 29.02.2024 01:43:17
  • Zuletzt bearbeitet 08.01.2025 18:58:49

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.87. This is due to missing or incorrect nonce validation on the remove_from_wishlist function. This ma...

4.3

CVE-2024-0512

  • EPSS 0.16%
  • Veröffentlicht 29.02.2024 01:43:17
  • Zuletzt bearbeitet 08.01.2025 18:52:15

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.87. This is due to missing or incorrect nonce validation on the add_to_wishlist function. This makes i...

6.4

CVE-2024-0442

  • EPSS 0.18%
  • Veröffentlicht 29.02.2024 01:43:12
  • Zuletzt bearbeitet 08.01.2025 18:48:34

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via element URL parameters in all versions up to, and including, 1.3.87 due to insufficient input sanitization and output escaping. This makes ...