CVE-2024-11180

CVE-2024-11180 affects ElementsKit Elementor Addons and Templates (Elementor) with a Stored Cross-Site Scripting vulnerability in the ekit_countdown_timer_title parameter, exploitable on all versions up to 3.4.7 due to insufficient input sanitization/output escaping. Attackers with Contributor+ p...

WordPress ElementsKit Elementor addons plugin <= 3.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin ElementsKit Elementor addons Lite versions = 3.4.7...

WordPress plugin ElementsKit Elementor addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2025-22646

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aThemes aThemes Addons for Elementor allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through 1.0.8...

CVE-2025-22646

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through = 1.0.8...

CVE-2025-22646

CVE-2025-22646 concerns the WordPress plugin aThemes Addons for Elementor (affected: versions up to 1.0.8). The vulnerability is a Stored Cross-Site Scripting (XSS) due to improper input neutralization during web page generation. The impact is stored XSS that could allow attackers to inject and e...

CVE-2025-22646 WordPress aThemes Addons for Elementor plugin <= 1.0.8 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through = 1.0.8...

CVE-2025-22646 WordPress aThemes Addons for Elementor plugin <= 1.0.8 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through = 1.0.8...

WordPress King Addons for Elementor plugin <= 24.12.58 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin King Addons for Elementor versions = 24.12.58...

WordPress The Pack Elementor addons plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin The Pack Elementor addons versions = 2.1.1...

CVE-2025-30925

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webangon The Pack Elementor addons the-pack-addon allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through = 2.1.1...

CVE-2025-30845

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in webangon The Pack Elementor addons the-pack-addon allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through = 2.1.1...

CVE-2025-30812

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Addons for Elementor skt-addons-for-elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through = 3.5...

CVE-2025-30766

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows DOM-Based XSS.This issue affects Happy Addons for Elementor: from n/a through = 3.16.2...

WordPress The Pack Elementor addons plugin <= 2.1.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin The Pack Elementor addons versions = 2.1.1...

WordPress SKT Addons for Elementor plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Prissy in WordPress Plugin SKT Addons for Elementor versions = 3.5...

CVE-2025-30925 WordPress The Pack Elementor addons plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webangon The Pack Elementor addons the-pack-addon allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through = 2.1.1...

CVE-2025-30845

CVE-2025-30845 affects The Pack Elementor addon (The Pack Elementor addons) up to version 2.1.1. The vulnerability is an authenticated Local File Inclusion via improper control of the filename used in PHP include/require statements. Wordfence details list this CVE as an authenticated LFI issue wi...

CVE-2025-30812 WordPress SKT Addons for Elementor plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Addons for Elementor skt-addons-for-elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through = 3.5...

CVE-2025-30812

Technical details beyond the brief description are not provided in the connected documents. Monitor for updates on affected products, versions, impact, and fixes.