CVE-2024-2803

🗓️ 04 Apr 2024 01:56:57Reported by WordfenceType

The ElementsKit Elementor addons plugin for WordPress has Stored Cross-Site Scripting vulnerabilit

Reporter	Title	Published	Views	Family All 11
CNNVD	WordPress Plugin ElementsKit Elementor addons 安全漏洞	4 Apr 202400:00	–	cnnvd
Cvelist	CVE-2024-2803 ElementsKit Elementor addons <= 3.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget	4 Apr 202401:56	–	cvelist
EUVD	EUVD-2024-27747	3 Oct 202520:07	–	euvd
NVD	CVE-2024-2803	4 Apr 202402:15	–	nvd
Patchstack	WordPress ElementsKit Elementor addons plugin <= 3.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability	4 Apr 202402:01	–	patchstack
Patchstack	WordPress Elements kit Elementor addons Plugin <= 3.0.7 is vulnerable to Cross Site Scripting (XSS)	4 Apr 202400:00	–	patchstack
Positive Technologies	PT-2024-22224 · WordPress · Elementskit Elementor Addons Plugin	4 Apr 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-2803	7 Jan 202609:14	–	redhatcve
Vulnrichment	CVE-2024-2803 ElementsKit Elementor addons <= 3.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget	4 Apr 202401:56	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024)	11 Apr 202417:23	–	wordfence

NVD

Vulners

Node

wpmet elements_kit_elementor_addonsRange<3.1.0wordpress

[
  {
    "vendor": "roxnor",
    "product": "ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "3.0.7",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/b1c44ad9-e61e-4f29-9c0b-7c0a89b0c8da
plugins	www.plugins.trac.wordpress.org/changeset

08 Apr 2026 19:21Current

7.6High risk

Vulners AI Score7.6

CVSS 3.15.4 - 6.4

EPSS0.00168

SSVC

CWE-79