PT-2025-14966 · Elementor · Ultimate Store Kit Elementor Addons

Name of the Vulnerable Software and Affected Versions: Ultimate Store Kit Elementor Addons versions through 2.4.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

CVE-2025-31730

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DigitalCourt Marketer Addons marketer-addons allows Stored XSS.This issue affects Marketer Addons: from n/a through = 1.0.1...

CVE-2025-31796

Server-Side Request Forgery SSRF vulnerability in TheInnovs ElementsCSS Addons for Elementor css-for-elementor allows Server Side Request Forgery.This issue affects ElementsCSS Addons for Elementor: from n/a through = 1.0.8.9...

CVE-2025-31813

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Website366.com WPSHARE247 Elementor Addons wpshare247-elementor-addons allows Stored XSS.This issue affects WPSHARE247 Elementor Addons: from n/a through = 2.5...

CVE-2025-31857

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpWax Directorist AddonsKit for Elementor addonskit-for-elementor allows Stored XSS.This issue affects Directorist AddonsKit for Elementor: from n/a through = 1.1.6...

CVE-2025-31823

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpoperations WPoperation Elementor Addons wpop-elementor-addons allows Stored XSS.This issue affects WPoperation Elementor Addons: from n/a through = 1.1.9...

CVE-2025-30926

Missing Authorization vulnerability in KingAddons.com King Addons for Elementor king-addons.This issue affects King Addons for Elementor: from n/a through = 24.12.58...

CVE-2025-31567

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesflat themesflat-addons-for-elementor themesflat-addons-for-elementor allows Stored XSS.This issue affects themesflat-addons-for-elementor: from n/a through = 2.3.1...

Malicious code in @nationalgeographicsociety/ngsui-addons-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d522cf6892b9363520f72cb2c024bbcf7d63238df065658694ca622082b1be9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WordPress Marketer Addons Plugin <= 1.0.1 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Marketer Addons versions = 1.0.1...

CVE-2025-31857

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpWax Directorist AddonsKit for Elementor addonskit-for-elementor allows Stored XSS.This issue affects Directorist AddonsKit for Elementor: from n/a through = 1.1.6...

CVE-2025-31823

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpoperations WPoperation Elementor Addons wpop-elementor-addons allows Stored XSS.This issue affects WPoperation Elementor Addons: from n/a through = 1.1.9...

CVE-2025-31813

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Website366.com WPSHARE247 Elementor Addons wpshare247-elementor-addons allows Stored XSS.This issue affects WPSHARE247 Elementor Addons: from n/a through = 2.5...

CVE-2025-31796

Server-Side Request Forgery SSRF vulnerability in TheInnovs ElementsCSS Addons for Elementor css-for-elementor allows Server Side Request Forgery.This issue affects ElementsCSS Addons for Elementor: from n/a through = 1.0.8.9...

CVE-2025-31730

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DigitalCourt Marketer Addons marketer-addons allows Stored XSS.This issue affects Marketer Addons: from n/a through = 1.0.1...

CVE-2025-31823 WordPress WPoperation Elementor Addons plugin 1.1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpoperations WPoperation Elementor Addons wpop-elementor-addons allows Stored XSS.This issue affects WPoperation Elementor Addons: from n/a through = 1.1.9...

CVE-2025-31823 WordPress WPoperation Elementor Addons plugin 1.1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpoperations WPoperation Elementor Addons wpop-elementor-addons allows Stored XSS.This issue affects WPoperation Elementor Addons: from n/a through = 1.1.9...

CVE-2025-31823

CVE-2025-31823 is a stored Cross‑Site Scripting vulnerability in WPoperation Elementor Addons for WordPress. It affects WPoperation Elementor Addons up to version 1.1.9 and arises from improper input neutralization during web page generation. The CVSS v3.1 base score is 6.5 (Network attack, Low d...

CVE-2025-31813 WordPress WPSHARE247 Elementor Addons plugin <= 2.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Website366.com WPSHARE247 Elementor Addons wpshare247-elementor-addons allows Stored XSS.This issue affects WPSHARE247 Elementor Addons: from n/a through = 2.5...

CVE-2025-31813

CVE-2025-31813 is a Stored XSS in WPSHARE247 Elementor Addons for WordPress (Website366.com) affecting up to version 2.1. The vulnerability arises from improper neutralization during web page generation of user-supplied input. The WordPress-focused vulnerability entry in the provided documents no...