Bdthemes

Element Pack

34 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-8100

  • EPSS 0.03%
  • Veröffentlicht 06.08.2025 03:40:59
  • Zuletzt bearbeitet 13.08.2025 18:27:30

The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. T...

5.4

CVE-2025-5944

Exploit
  • EPSS 0.07%
  • Veröffentlicht 03.07.2025 04:25:01
  • Zuletzt bearbeitet 09.07.2025 17:52:41

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-caption’ attribute in all versions up to, and including, 8.0.0 due to insufficient input sanitization and output escaping. This make...

5.4

CVE-2025-1458

  • EPSS 0.12%
  • Veröffentlicht 26.04.2025 05:34:23
  • Zuletzt bearbeitet 06.05.2025 14:11:15

The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets like Dual Button, Creative Button, Image Stack and more in all versio...

5.4

CVE-2024-12851

  • EPSS 0.22%
  • Veröffentlicht 08.01.2025 07:15:27
  • Zuletzt bearbeitet 17.01.2025 20:47:22

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom_attributes parameter of the Cookie Consent Widget in all ve...

4.3

CVE-2024-11852

  • EPSS 0.17%
  • Veröffentlicht 22.12.2024 02:15:16
  • Zuletzt bearbeitet 29.01.2025 15:37:30

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_layouts() function in all ver...

5.4

CVE-2024-9058

  • EPSS 0.15%
  • Veröffentlicht 03.12.2024 07:15:04
  • Zuletzt bearbeitet 29.01.2025 15:36:12

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Lightbox widget in all versions up to, and including, 5.10.5 due to ...

5.4

CVE-2024-10980

Exploit
  • EPSS 0.08%
  • Veröffentlicht 29.11.2024 06:15:06
  • Zuletzt bearbeitet 07.05.2025 00:03:07

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) WordPress plugin before 5.10.3 does not validate and escape some of its Cookie Consent block options before outputting them back in a page/p...

5.4

CVE-2024-10493

Exploit
  • EPSS 0.11%
  • Veröffentlicht 28.11.2024 06:15:08
  • Zuletzt bearbeitet 15.05.2025 17:37:55

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) WordPress plugin before 5.10.3 does not validate and escape some of its block options before outputting them back in a page/post where the blo...

5.4

CVE-2024-9867

  • EPSS 0.23%
  • Veröffentlicht 05.11.2024 12:15:15
  • Zuletzt bearbeitet 08.11.2024 16:00:04

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget' marker_content parameter in all versions up to, an...

5.4

CVE-2024-9657

  • EPSS 0.98%
  • Veröffentlicht 05.11.2024 12:15:15
  • Zuletzt bearbeitet 08.11.2024 16:00:28

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' parameter in all versions up to, and including, 5.10.2 due...