CVE-2024-13832 Ultra Addons Lite for Elementor <= 1.1.8 - Authenticated (Contributor+) Restricted Post Disclosure

The Ultra Addons Lite for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.8 via the 'utelementor' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

CVE-2024-13832 Ultra Addons Lite for Elementor <= 1.1.8 - Authenticated (Contributor+) Restricted Post Disclosure

The Ultra Addons Lite for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.8 via the 'utelementor' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

CVE-2025-1571 Exclusive Addons for Elementor <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Image Comparison Widgets

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text and Image Comparison Widgets in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This...

WordPress plugin Ultra Addons Lite for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Exclusive Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

WordPress Ultra Addons Lite for Elementor plugin <= 1.1.8 - Authenticated (Contributor+) Restricted Post Disclosure vulnerability

Authenticated Contributor+ Restricted Post Disclosure vulnerability discovered by Francesco Carlucci in WordPress Plugin Ultra Addons Lite for Elementor versions = 1.1.8...

WordPress Exclusive Addons for Elementor plugin <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Image Comparison Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Animated Text and Image Comparison Widgets vulnerability discovered by zer0gh0st in WordPress Plugin Exclusive Addons Elementor versions = 2.7.6...

CVE-2025-26912

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Stored XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.6...

Exploit for CVE-2025-24752

🔍 Essential Addons for Elementor XSS Vulnerability Detector...

Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities

Upstream kernel version 6.6.79 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links...

PT-2025-8685

Name of the Vulnerable Software and Affected Versions Essential Addons for Elementor affected versions not specified Description A critical XSS flaw has been identified in the Essential Addons for Elementor WordPress plugin, potentially placing over two million websites in jeopardy. This...

CVE-2025-26912

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Stored XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.6...

CVE-2025-26912 WordPress Easy Elementor Addons plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Stored XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.6...

CVE-2025-26912 WordPress Easy Elementor Addons plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Stored XSS.This issue affects Easy Elementor Addons: from n/a through = 2.1.6...

CVE-2025-26912

CVE-2025-26912 corresponds to a Stored XSS in HashThemes Easy Elementor Addons. The connected document confirms the vulnerability affects Easy Elementor Addons up to and including 2.1.6, caused by improper input neutralization during web page generation. The issue is client-executable when user-s...

PT-2025-7847 · Unknown · Easy Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Easy Elementor Addons versions 2.1.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability, specifically Stored XSS...

WordPress plugin Easy Elementor Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Easy Elementor Addons plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Prissy in WordPress Plugin Easy Elementor Addons versions = 2.1.6...

CVE-2024-13353

The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.4 via several widgets. This makes it possible for authenticated attackers, with Contributor-level access...

CVE-2024-13353

The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.4 via several widgets. This makes it possible for authenticated attackers, with Contributor-level access...