CVE-2025-32158
- EPSS 0.15%
- Veröffentlicht 10.04.2025 08:15:16
- Zuletzt bearbeitet 29.05.2025 15:59:05
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in aThemes aThemes Addons for Elementor. This issue affects aThemes Addons for Elementor: from n/a through 1.0.15.
CVE-2025-22646
- EPSS 0.05%
- Veröffentlicht 27.03.2025 15:15:57
- Zuletzt bearbeitet 29.05.2025 16:01:17
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aThemes aThemes Addons for Elementor allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through 1.0.8.
CVE-2024-13547
- EPSS 0.08%
- Veröffentlicht 01.02.2025 04:15:30
- Zuletzt bearbeitet 24.02.2025 16:16:56
The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Accordion widget in all versions up to, and including, 1.0.12 due to insufficient input sanitization and output escaping. This makes it p...
CVE-2024-51675
- EPSS 0.1%
- Veröffentlicht 09.11.2024 13:15:05
- Zuletzt bearbeitet 29.05.2025 16:01:31
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in aThemes aThemes Addons for Elementor allows DOM-Based XSS.This issue affects aThemes Addons for Elementor: from n/a through 1.0.7.