7288 matches found
WordPress plugin Piotnet Addons For Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2025-17249 · WordPress · Piotnet Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Piotnet Addons For Elementor plugin for WordPress versions up to, and including, 2.4.34 Description: The issue is related to Stored Cross-Site Scripting via the 'PAFE Before After Image Comparison Slider' widget due to insufficient input...
CVE-2025-39588
Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Object Injection.This issue affects Ultimate Store Kit Elementor Addons: from n/a through = 2.4.0...
CVE-2025-24752
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Reflected XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.0.14...
CVE-2025-24752
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor allows Reflected XSS. This issue affects Essential Addons for Elementor: from n/a through 6.0.14...
CVE-2025-24752 WordPress Essential Addons for Elementor plugin <= 6.0.14 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor allows Reflected XSS. This issue affects Essential Addons for Elementor: from n/a through 6.0.14...
CVE-2025-24752 WordPress Essential Addons for Elementor plugin <= 6.0.14 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Reflected XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.0.14...
CVE-2025-24752
CVE-2025-24752 is a reflected Cross-Site Scripting vulnerability in the WordPress plugin “Essential Addons for Elementor” (versions up to 6.0.14). Root cause: improper input neutralization during web page generation allowing reflection of injected payloads via parameters such as popup-selector. A...
CVE-2025-39588 WordPress Ultimate Store Kit Elementor Addons <= 2.4.0 - Deserialization of untrusted data Vulnerability
Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons allows Object Injection. This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.4.0...
CVE-2025-39588
CVE-2025-39588 describes a deserialization of untrusted data vulnerability in the WordPress plugin “Ultimate Store Kit – Elementor Addons” (bdthemes) affecting versions up to 2.4.0. The root cause is deserializing untrusted data, enabling PHP object injection. Public details classify the impact a...
CVE-2025-26990
Server-Side Request Forgery SSRF vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Server Side Request Forgery.This issue affects Royal Elementor Addons: from n/a through = 1.7.1006...
CVE-2025-2225
The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘raeltitletag' parameter in all versions up to, and including, 1.6.9 due to insufficient input sanitization and output escaping. Thi...
WordPress plugin Essential Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2025-17191 · Bdthemes · Bdthemes Ultimate Store Kit Elementor Addons
Name of the Vulnerable Software and Affected Versions: bdthemes Ultimate Store Kit Elementor Addons versions n/a through 2.4.0 Description: The issue is related to the deserialization of untrusted data, which allows object injection. This is a critical vulnerability that affects the specified...
WordPress plugin Ultimate Store Kit Elementor Addons 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...
WordPress Royal Elementor Addons plugin <= 1.3.977 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Plugin Royal Elementor Addons versions = 1.3.977...
WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin Essential Addons for Elementor versions = 6.1.9...
CVE-2025-39589
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Retrieve Embedded Sensitive Data.This issue affects Essential Addons for Elementor: from n/a through = 6.1.9...
CVE-2025-39590
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.1.9...
CVE-2025-39590
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS. This issue affects Essential Addons for Elementor: from n/a through 6.1.9...