CVE-2026-24594

CVE-2026-24594 concerns Livemesh Addons for WPBakery Page Builder (WordPress plugin) with versions up to and including 3.9.4. The Red Hat, NVD, CVE List, and PatchStack entries confirm an authenticated Stored XSS flaw caused by improper input neutralization during web page generation. Impact is s...

PT-2026-4439

Name of the Vulnerable Software and Affected Versions X Addons for Elementor versions through 1.0.23 Description An issue exists in X Addons for Elementor where incorrectly configured access control security levels can be exploited, leading to a missing authorization condition. The vulnerability...

PT-2026-4429

Name of the Vulnerable Software and Affected Versions Livemesh Addons for WPBakery Page Builder versions through 3.9.4 Description The software contains a flaw related to improper input handling during web page creation, which can lead to Stored Cross-site Scripting XSS. This means that malicious...

WordPress plugin Livemesh Addons for WPBakery Page Builder has security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

WordPress plugin X Addons for Elementor has security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to th...

CVE-2026-22468

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through = 1.0.14...

CVE-2025-69300

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premium Addons for Elementor: from n/a through = 4.11.63...

CVE-2025-69312

Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Upload a Web Shell to a Web Server.This issue affects Xpro Elementor Addons: from n/a through = 1.4.19.1...

CVE-2025-68999

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Blind SQL Injection.This issue affects Happy Addons for Elementor: from n/a through = 3.20.4...

CVE-2025-31413

Cross-Site Request Forgery CSRF vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Cross Site Request Forgery.This issue affects Element Pack Elementor Addons: from n/a through = 8.3.13...

CVE-2026-24377 WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...

CVE-2026-24377

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...

CVE-2026-22468

CVE-2026-22468 is a Missing Authorization vulnerability in Absolute Addons For Elementor. Affected product: Absolute Addons For Elementor; vulnerable versions are

CVE-2026-22468 WordPress Absolute Addons For Elementor plugin <= 1.0.14 - Broken Access Control vulnerability

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through = 1.0.14...

CVE-2026-22468

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through = 1.0.14...

CVE-2026-22468 WordPress Absolute Addons For Elementor plugin <= 1.0.14 - Broken Access Control vulnerability

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through = 1.0.14...

CVE-2025-69300

The CVE CVE-2025-69300 concerns Leap13 Premium Addons for Elementor (plugin: premium-addons-for-elementor) with affected versions from n/a up to and including 4.11.63. The issue is a Missing Authorization vulnerability caused by incorrectly configured access control security levels, enabling unau...

CVE-2025-69312

CVE-2025-69312 describes an Unrestricted Upload of File with Dangerous Type in Xpro Elementor Addons (Xpro Addons, 140+ Widgets for Elementor). The flaw allows uploading a Web Shell to the web server, affecting Xpro Elementor Addons versions up to and including 1.4.19.1 (vendor n/a). The issue’s ...

CVE-2025-69300

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premium Addons for Elementor: from n/a through = 4.11.63...

CVE-2025-69300 WordPress Premium Addons for Elementor plugin <= 4.11.63 - Settings Change vulnerability

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premium Addons for Elementor: from n/a through = 4.11.63...