WordPress Anant Addons for Elementor plugin <= 1.1.8 - CSRF to Arbitrary Plugin Installation vulnerability

CSRF to Arbitrary Plugin Installation vulnerability discovered by stealthcopter in WordPress Plugin Anant Addons for Elementor versions = 1.1.8...

WordPress plugin Anant Addons for Elementor 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery...

PT-2025-15809 · Unknown · Anant Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Anant Addons for Elementor versions 1.1.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows unauthorized actions to be performed on a user's account without their knowledge or consent. This ca...

📄 WordPress Royal Elementor Addons 1.3.78 Shell Upload

WordPress Royal Elementor Addons plugin versions 1.3.78 and below suffer from a remote shell upload vulnerability. Exploit Title: WordPress Plugin Royal Elementor Addons = 1.3.78 - Unauthenticated Arbitrary File Upload RCE Date: 2025-04-04 Exploit Author: Sheikh Mohammad Hasan...

📄 WordPress Exclusive Addons for Elementor 2.6.9 Cross Site Scripting

Wordpress Exclusive Addons for Elementor plugin versions 2.6.9 and below suffer from a persistent cross site scripting vulnerability. Exploit Title: Exclusive Addons for Elementor ≤ 2.6.9 - Authenticated Stored Cross-Site Scripting XSS Original Author: Wordfence Security Team Exploit Author: Al...

CVE-2025-32197

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in piotnetdotcom Piotnet Addons For Elementor piotnet-addons-for-elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through = 2.4.36...

CVE-2025-32184

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through = 2.5.0...

CVE-2025-32186

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Turbo Addons Turbo Addons Elementor turbo-addons-elementor allows DOM-Based XSS.This issue affects Turbo Addons Elementor: from n/a through = 1.7.7...

CVE-2025-32182

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spider Themes Spider Elements spider-elements allows Stored XSS.This issue affects Spider Elements: from n/a through = 1.6.5...

CVE-2025-32196

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Stored XSS.This issue affects News Kit Elementor Addons: from n/a through = 1.4.2...

CVE-2025-32163

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through = 1.4.10...

CVE-2025-32189

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Best WP Developer BWD Elementor Addons bwd-elementor-addons allows DOM-Based XSS.This issue affects BWD Elementor Addons: from n/a through = 4.4.2...

Exclusive Addons for Elementor 2.6.9 - Stored Cross-Site Scripting (XSS)

Exploit Title: Exclusive Addons for Elementor ≤ 2.6.9 - Authenticated Stored Cross-Site Scripting XSS Original Author: Wordfence Security Team Exploit Author: Al Baradi Joy Exploit Date: March 13, 2024 Vendor Homepage: https://exclusiveaddons.com/ Software Link:...

CVE-2025-32197

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in piotnetdotcom Piotnet Addons For Elementor piotnet-addons-for-elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through = 2.4.36...

CVE-2025-32192

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UltraPress Ultra Addons Lite for Elementor ut-elementor-addons-lite allows Stored XSS.This issue affects Ultra Addons Lite for Elementor: from n/a through = 1.1.8...

CVE-2025-32196

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Stored XSS.This issue affects News Kit Elementor Addons: from n/a through = 1.4.2...

CVE-2025-32186

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Turbo Addons Turbo Addons Elementor turbo-addons-elementor allows DOM-Based XSS.This issue affects Turbo Addons Elementor: from n/a through = 1.7.7...

CVE-2025-32189

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Best WP Developer BWD Elementor Addons bwd-elementor-addons allows DOM-Based XSS.This issue affects BWD Elementor Addons: from n/a through = 4.4.2...

CVE-2025-32184

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through = 2.5.0...

CVE-2025-32163

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through = 1.4.10...