Wpdeveloper

Essential Addons For Elementor

57 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-4156

  • EPSS 0.3%
  • Veröffentlicht 02.05.2024 17:15:35
  • Zuletzt bearbeitet 15.01.2025 18:04:58

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eael_event_text_color’ parameter in versions up to, and including, 5.9.17 d...

5.4

CVE-2024-4003

  • EPSS 0.27%
  • Veröffentlicht 02.05.2024 17:15:33
  • Zuletzt bearbeitet 15.01.2025 18:04:17

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the eael_team_members_image_rounded parameter in the Team Members widget in all ...

6.4

CVE-2024-3728

  • EPSS 0.27%
  • Veröffentlicht 02.05.2024 17:15:30
  • Zuletzt bearbeitet 08.01.2025 21:11:21

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery & Interactive Circle widgets in all versions up ...

5.3

CVE-2024-3733

  • EPSS 0.39%
  • Veröffentlicht 25.04.2024 09:15:08
  • Zuletzt bearbeitet 10.01.2025 21:36:36

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajax_load_more() , eael_woo_...

6.4

CVE-2024-3645

  • EPSS 0.17%
  • Veröffentlicht 22.04.2024 14:15:07
  • Zuletzt bearbeitet 10.01.2025 21:33:19

The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Counter widget in all versions up to, and including, 5.8.11 due to insufficient input sanitization and output escaping on user s...

6.4

CVE-2024-3333

  • EPSS 0.24%
  • Veröffentlicht 17.04.2024 12:15:07
  • Zuletzt bearbeitet 08.01.2025 19:43:24

The Essential Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attributes of widgets in all versions up to, and including, 5.9.14 due to insufficient input sanitization and output escaping on user sup...

5.3

CVE-2024-2974

  • EPSS 0.39%
  • Veröffentlicht 09.04.2024 19:15:38
  • Zuletzt bearbeitet 08.01.2025 20:06:14

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 5.9.13 via the load_more function. This can all...

6.4

CVE-2024-2650

  • EPSS 0.18%
  • Veröffentlicht 09.04.2024 19:15:35
  • Zuletzt bearbeitet 08.01.2025 20:06:29

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the alignment parameter in the Woo Product Carousel widget in all versions up to...

6.4

CVE-2024-2623

  • EPSS 0.21%
  • Veröffentlicht 09.04.2024 19:15:35
  • Zuletzt bearbeitet 08.01.2025 20:15:47

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget's message parameter in all versions up to, and including, 5...

8.8

CVE-2024-3018

  • EPSS 1.09%
  • Veröffentlicht 30.03.2024 12:15:07
  • Zuletzt bearbeitet 08.01.2025 19:35:58

The Essential Addons for Elementor plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.9.13 via deserialization of untrusted input from the 'error_resetpassword' attribute of the "Login | Register Form" ...