CVE-2025-24595

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins All Embed – Elementor Addons all-embed-addons-for-elementor allows Stored XSS.This issue affects All Embed – Elementor Addons: from n/a through = 1.1.3...

CVE-2025-22758

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Harnani Elementor AI Addons ai-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor AI Addons: from n/a through = 2.2.1...

CVE-2025-22811

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cristian Stan MT Addons for Elementor mt-addons-for-elementor allows Stored XSS.This issue affects MT Addons for Elementor: from n/a through = 1.0.6...

CVE-2025-22321

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TheInnovs ElementsCSS Addons for Elementor css-for-elementor allows Stored XSS.This issue affects ElementsCSS Addons for Elementor: from n/a through = 1.0.8.9...

CVE-2024-43151

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite allows Stored XSS.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a through 1.5.9...

CVE-2024-49631

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Md Abdul Kader Easy Addons for Elementor easy-addons-for-elementor allows Stored XSS.This issue affects Easy Addons for Elementor: from n/a through = 1.5.0...

CVE-2024-9889

The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.9 via the Page Loader widget. This makes it possible for authenticated attackers, with contributor-level access and above, to view...

CVE-2024-43342

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.6.4...

CVE-2024-47353

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in quomodosoft ElementsReady Addons for Elementor element-ready-lite.This issue affects ElementsReady Addons for Elementor: from n/a through 6.4.2...

CVE-2024-9530

The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the...

CVE-2024-43225

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThemeLooks Enter Addons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.7...

CVE-2024-47357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Stored XSS.This issue affects Happy Addons for Elementor: from n/a through = 3.12.0...

CVE-2024-47630

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.2.7...

CVE-2024-47629

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through = 2.0.5...

CVE-2024-47364

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in moveaddons Move Addons for Elementor move-addons allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through = 1.3.4...

CVE-2024-38674

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 3.0...

CVE-2024-8681

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-47303

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in livemesh Livemesh Addons for Elementor addons-for-elementor allows Cross-Site Scripting XSS.This issue affects Livemesh Addons for Elementor: from n/a through = 8.5...

CVE-2024-8742

The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 6.0.3 due to insufficient input sanitizatio...

CVE-2024-5502

The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Accordion, Dual Heading, and Vertical Timeline widgets in all versions up to, and including, 2.4.30 due to insufficient input sanitization and output escaping on user supplied...