Unlimited-elements

Unlimited Elements For Elementor

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.6

CVE-2024-3190

  • EPSS 0.31%
  • Veröffentlicht 30.05.2024 04:15:10
  • Zuletzt bearbeitet 30.01.2025 16:09:08

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's text field widget in all versions up to, and including, 1.5.107 due to insufficient input saniti...

8.8

CVE-2023-6743

  • EPSS 5.84%
  • Veröffentlicht 29.05.2024 05:16:08
  • Zuletzt bearbeitet 30.01.2025 16:09:46

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.5.89 via the template import functionality. This makes it possible for authenti...

8.8

CVE-2024-4779

  • EPSS 0.63%
  • Veröffentlicht 23.05.2024 10:15:09
  • Zuletzt bearbeitet 30.01.2025 16:10:38

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to SQL Injection via the ‘data[post_ids][0]’ parameter in all versions up to, and including, 1.5.107 due to insufficient escaping on the user su...

6.1

CVE-2024-3547

  • EPSS 1.15%
  • Veröffentlicht 14.05.2024 15:41:48
  • Zuletzt bearbeitet 30.01.2025 16:10:54

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'google_connect_error' parameter in all versions up to, and including, 1.5.102 due to insufficient inp...

8.8

CVE-2024-3055

  • EPSS 0.42%
  • Veröffentlicht 14.05.2024 15:39:50
  • Zuletzt bearbeitet 30.01.2025 16:11:40

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.102 due to insufficient escaping on the user suppli...

7.2

CVE-2024-2662

  • EPSS 2.91%
  • Veröffentlicht 14.05.2024 15:20:17
  • Zuletzt bearbeitet 30.01.2025 16:12:13

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to command injection in all versions up to, and including, 1.5.102. This is due to insufficient filtering of template attributes during the crea...

8.8

CVE-2023-31090

  • EPSS 0.31%
  • Veröffentlicht 24.04.2024 16:15:07
  • Zuletzt bearbeitet 05.02.2025 15:45:37

Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Upload a Web Shell to a Web Server.This issue affects Unlimited Elements For Elementor (Free...

5.4

CVE-2024-0367

  • EPSS 0.12%
  • Veröffentlicht 30.03.2024 05:15:34
  • Zuletzt bearbeitet 30.01.2025 16:01:22

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link field of an installed widget (e.g., 'Button Link') in all versions up to, and including, 1.5.96 due to insufficient input sanitization...

6.1

CVE-2024-29792

  • EPSS 0.35%
  • Veröffentlicht 27.03.2024 13:15:50
  • Zuletzt bearbeitet 05.02.2025 15:40:41

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Reflected XSS.This issue affects Unlimited Elements For...

6.5

CVE-2023-31231

  • EPSS 0.06%
  • Veröffentlicht 20.12.2023 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:01:40

Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a thr...