Wpdeveloper

Essential Addons For Elementor

54 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2021-4447

  • EPSS 0.14%
  • Veröffentlicht 16.10.2024 07:15:10
  • Zuletzt bearbeitet 10.01.2025 14:39:08

The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor creat...

4.3

CVE-2021-4446

  • EPSS 0.07%
  • Veröffentlicht 16.10.2024 07:15:10
  • Zuletzt bearbeitet 10.01.2025 14:46:34

The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in versions up to and including 4.6.4 due to missing capability checks and nonce disclosure. This makes it possible for authenticated attackers, with minima...

5.4

CVE-2024-8742

  • EPSS 0.12%
  • Veröffentlicht 13.09.2024 07:15:08
  • Zuletzt bearbeitet 27.09.2024 16:28:07

The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and includi...

5.4

CVE-2024-8440

  • EPSS 0.09%
  • Veröffentlicht 11.09.2024 07:15:04
  • Zuletzt bearbeitet 25.09.2024 19:34:19

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in all versions up to, and including, 6.0.3 due t...

5.4

CVE-2024-7092

  • EPSS 0.17%
  • Veröffentlicht 13.08.2024 05:15:14
  • Zuletzt bearbeitet 08.01.2025 20:53:45

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘no_more_items_text’ parameter in all versions up to, and including, 5.9.27 ...

5.4

CVE-2024-39649

  • EPSS 0.2%
  • Veröffentlicht 01.08.2024 22:15:26
  • Zuletzt bearbeitet 01.03.2025 02:14:17

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through 5.9.26.

5.4

CVE-2024-5189

  • EPSS 0.14%
  • Veröffentlicht 11.06.2024 14:15:12
  • Zuletzt bearbeitet 15.01.2025 17:16:13

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘custom_js’ parameter in all versions up to, and including, 5.9.23 due to in...

5.4

CVE-2024-5612

  • EPSS 0.23%
  • Veröffentlicht 07.06.2024 05:15:50
  • Zuletzt bearbeitet 21.11.2024 09:48:01

The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eael_lightbox_open_btn_icon’ parameter within the Lightbox & Modal widget in all versions up to, and including, 5.8.15 due to insufficie...

5.4

CVE-2024-5188

  • EPSS 0.17%
  • Veröffentlicht 06.06.2024 11:15:49
  • Zuletzt bearbeitet 21.11.2024 09:47:09

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'get_manual_calendar_events' function in all versions up to, and including, ...

5.4

CVE-2024-34764

  • EPSS 0.11%
  • Veröffentlicht 03.06.2024 12:15:09
  • Zuletzt bearbeitet 01.03.2025 01:48:32

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through 5.9.15.