WordPress King Addons for Elementor plugin <= 51.1.59 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abu Hurayra in WordPress Plugin King Addons for Elementor versions = 51.1.59...

WordPress King Addons for Elementor plugin <= 51.1.59 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abu Hurayra in WordPress Plugin King Addons for Elementor versions = 51.1.59...

CVE-2025-8451

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘data-gallery-items’ parameter in all versions up to, and including, 6.2.2 due to insufficient input sanitization and output escaping. Thi...

CVE-2025-54712

Missing Authorization vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Elementor Addons: from n/a through = 2.2.7...

CVE-2025-55712

Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through =...

CVE-2024-37945

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through = 1.5...

CVE-2025-54704

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows DOM-Based XSS.This issue affects Easy Elementor Addons: from n/a through = 2.2.6...

CVE-2025-49036

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in octagonwebstudio Premium Addons for KingComposer premium-addons-for-kingcomposer allows PHP Local File Inclusion.This issue affects Premium Addons for KingComposer: from n/a...

WordPress Extensive VC Addons for WPBakery page builder plugin <= 1.9.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Extensive VC Addons for WPBakery page builder versions = 1.9.1...

CVE-2025-8451

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘data-gallery-items’ parameter in all versions up to, and including, 6.2.2 due to insufficient input sanitization and output escaping. Thi...

CVE-2025-8451 Essential Addons for Elementor – Popular Elementor Templates and Widgets <= 6.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'data-gallery-items'

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘data-gallery-items’ parameter in all versions up to, and including, 6.2.2 due to insufficient input sanitization and output escaping. Thi...

CVE-2025-8451 Essential Addons for Elementor – Popular Elementor Templates and Widgets <= 6.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'data-gallery-items'

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘data-gallery-items’ parameter in all versions up to, and including, 6.2.2 due to insufficient input sanitization and output escaping. Thi...

WordPress plugin Essential Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-33448 · WordPress +1 · Essential Addons For Elementor +1

Name of the Vulnerable Software and Affected Versions: Essential Addons for Elementor versions up to and including 6.2.2 Description: The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the...

WordPress Essential Addons for Elementor plugin <= 6.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'data-gallery-items' vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via 'data-gallery-items' vulnerability discovered by Webbernaut in WordPress Plugin Essential Addons for Elementor versions = 6.2.2...

CVE-2025-55712

Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through =...

CVE-2025-54712

Missing Authorization vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Elementor Addons: from n/a through = 2.2.7...

CVE-2025-54712

CVE-2025-54712 describes a Missing Authorization vulnerability in hashthemes Easy Elementor Addons (affected: versions up to 2.2.7). The issue arises from incorrectly configured access control, enabling unauthorized access to privileged functionality. CVSS v3.1 base score 4.3 (Network, Low privil...

CVE-2025-54712 WordPress Easy Elementor Addons Plugin <= 2.2.7 - Broken Access Control Vulnerability

Missing Authorization vulnerability in hashthemes Easy Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Elementor Addons: from n/a through 2.2.7...

CVE-2025-55712

CVE-2025-55712 describes a Missing Authorization / Broken Access Control vulnerability in The Plus Addons for Elementor Page Builder Lite for WordPress (affected: versions up to 6.3.13). The issue arises from incorrectly configured access control security levels allowing unauthorized access. Expl...