CVE-2024-56282

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elicus WPMozo Addons Lite for Elementor wpmozo-addons-lite-for-elementor allows PHP Local File Inclusion.This issue affects WPMozo Addons Lite for Elementor: from n/a through =...

CVE-2024-56286

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in webcodingplace Classic Addons – WPBakery Page Builder classic-addons-wpbakery-page-builder-addons allows PHP Local File Inclusion.This issue affects Classic Addons – WPBakery Page Builder: from n/a throu...

CVE-2024-56226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through = 1.7.1001...

CVE-2024-32682

Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2...

CVE-2024-32952

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BloomPixel Max Addons Pro for Bricks allows Reflected XSS.This issue affects Max Addons Pro for Bricks: from n/a through 1.6.1...

CVE-2024-32785

Cross-Site Request Forgery CSRF vulnerability in Webangon The Pack Elementor addons allows Cross-Site Scripting XSS.This issue affects The Pack Elementor addons: from n/a through 2.0.8.3...

CVE-2024-50457

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Qode Qode Essential Addons qode-essential-addons.This issue affects Qode Essential Addons: from n/a through = 1.6.3...

CVE-2024-50453

Relative Path Traversal vulnerability in webangon The Pack Elementor addons the-pack-addon allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through = 2.0.9...

CVE-2024-5091

The SKT Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Age Gate and Creative Slider widgets in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-5455

The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.5.4 via the 'magazinestyle' parameter within the Dynamic Smart Showcase widget. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-5147

The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.37 via the 'gridstyle' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server,...

CVE-2024-5179

The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.2 via the 'itemstyle' and 'style' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

CVE-2024-49251

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Acnoo Maan Addons For Elementor maan-elementor-addons allows Local Code Inclusion.This issue affects Maan Addons For Elementor: from n/a through = 1.0.1...

CVE-2024-49243

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ramjon27 Dynamic Elementor Addons dynamic-elementor-addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through = 1.0.0...

CVE-2024-1536

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's event calendar widget in all versions up to, and including, 5.9.9 due to insufficient input sanitization and outpu...

CVE-2024-1567

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to limited file uploads due to missing file type validation in the 'filevalidity' function in all versions up to, and including, 1.3.94. This makes it possible for unauthenticated attackers to upload dangerous file types...

CVE-2024-33633

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Reflected XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17...

CVE-2024-33635

Missing Authorization vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17...

CVE-2024-24846

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MightyThemes Mighty Addons for Elementor allows Reflected XSS.This issue affects Mighty Addons for Elementor: from n/a through 1.9.3...

CVE-2024-11601

The Sky Addons for Elementor Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blog, Video Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.1. This is due to missing or incorrect...