CVE-2025-9077 Ultra Addons Lite for Elementor <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text Field

The Ultra Addons Lite for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Animated Text' field of the Typeout Widget in version 1.1.9 and below due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-9045

The CVE-2025-9045 entry describes a Stored Cross-Site Scripting (XSS) in the WordPress plugin Easy Elementor Addons (versions

CVE-2025-9045 Easy Elementor Addons <= 2.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Easy Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widget parameters in versions less than, or equal to, 2.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-leve...

CVE-2025-9045 Easy Elementor Addons <= 2.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Easy Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widget parameters in versions less than, or equal to, 2.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-leve...

PT-2025-40481

Name of the Vulnerable Software and Affected Versions Ultra Addons Lite for Elementor plugin for WordPress versions 1.1.9 and below Description The software contains a flaw due to insufficient input sanitization and output escaping in the 'Animated Text' field of the Typeout Widget. This allows...

WordPress plugin Easy Elementor Addons 跨站脚本漏洞

The WordPress Elementor Addons plugin is a plugin that extends the Elementor page builder functionality and enhances site design capabilities by providing additional widgets and styles. A cross-site scripting vulnerability exists in the WordPress Easy Elementor Addons plugin, which stems from the...

WordPress plugin Ultra Addons Lite for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin X Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-40480

Name of the Vulnerable Software and Affected Versions Easy Elementor Addons versions prior to 2.2.8 Description The Easy Elementor Addons plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping in several widget...

PT-2025-40488

Name of the Vulnerable Software and Affected Versions X Addons for Elementor plugin for WordPress versions up to and including 1.0.14 Description The X Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is a result of inadequate input sanitization and...

ai.acolite:openai-agent-sdk (>=0.1.0 <=0.4.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +23288 more potentially affected by CVE-2025-11226 via ch.qos.logback:logback-core (>=1.4.0 <=1.5.18)

ch.qos.logback:logback-core MAVEN version =1.4.0, =0.1.0, =0.1.0, =0.2.0, =0.114.0, =0.103.0, =0.114.0, =0.2.0, =0.8.0, =0.9.0 - ai.djl.spring:djl-spring-boot-starter-autoconfigure =0.26 - ai.djl.spring:djl-spring-boot-starter-mxnet-auto =0.26 -...

WordPress The Pack Elementor addon plugin <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typing Letter Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Typing Letter Widget vulnerability discovered by zer0gh0st in WordPress Plugin The Pack Elementor addons versions = 2.1.5...

WordPress Plugin aThemes Addons for Elementor Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin aThemes Addons for Elementor, n...

WordPress aThemes Addons for Elementor Plugin <= 1.1.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Abu Hurayra in WordPress Plugin aThemes Addons for Elementor versions = 1.1.2...

CVE-2025-60112

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through = 1.1.2...

CVE-2025-60112 WordPress aThemes Addons for Elementor Plugin <= 1.1.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through = 1.1.2...

CVE-2025-60112

CVE-2025-60112 is an authenticated cross-site scripting vulnerability in the WordPress plugin “aThemes Addons for Elementor.” It is described as a Stored XSS caused by improper neutralization of input during web page generation, affecting versions up to 1.1.3. The associated connected document ex...

PT-2025-39559

Name of the Vulnerable Software and Affected Versions Syed Balkhi aThemes Addons for Elementor versions through 1.1.3 Description The software contains a flaw related to improper input handling during web page creation, which can lead to Cross-site Scripting XSS. This allows for the injection of...

WordPress plugin aThemes Addons for Elementor 跨站脚本漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin aThemes Addons for Elementor, n...

CVE-2025-58017

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through = 2.8.6...