CVE-2023-32243
- EPSS 93.64%
- Veröffentlicht 12.05.2023 08:15:09
- Zuletzt bearbeitet 21.11.2024 08:02:58
Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.
CVE-2022-0683
- EPSS 0.21%
- Veröffentlicht 24.02.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:39:10
The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the ~/includes/Traits/Helper.php file which allows attackers to inject arb...
CVE-2022-0320
- EPSS 6.01%
- Veröffentlicht 01.02.2022 13:15:09
- Zuletzt bearbeitet 21.11.2024 06:38:22
The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbit...
CVE-2021-24255
- EPSS 0.22%
- Veröffentlicht 05.05.2021 19:15:07
- Zuletzt bearbeitet 21.11.2024 05:52:41
The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, both via a similar method.