CVE-2024-12852 Happy Addons for Elementor <= 3.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hacmctext' parameter of the Happy Mouse Cursor in all versions up to, and including, 3.15.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...

CVE-2024-12584

CVE-2024-12584 affects the WordPress plugin 140+ Widgets | Xpro Addons For Elementor – FREE. The vulnerability is in the duplicate function and affects all versions up to 1.4.6.2, allowing authenticated attackers with Contributor-level access or higher to expose sensitive information from draft, ...

CVE-2024-12852

CVE-2024-12852 refers to a stored XSS vulnerability in the Happy Addons for Elementor plugin for WordPress, exploitable via the ha_cmc_text parameter in the Happy Mouse Cursor. The issue affects all versions up to 3.15.1 and arises from insufficient input sanitization and output escaping. This al...

CVE-2024-9673

Piotnet Addons For Elementor (WordPress) up to version 2.4.31 contains a Stored XSS vulnerability in the Heading widget due to insufficient input sanitization. Exploitation requires authenticated users with contributor-level access or higher, enabling injection of scripts in pages that render for...

CVE-2024-9673

...

CVE-2024-9673

...

CVE-2024-12205

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF E Slider Widget in all versions up to, and including, 2.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-12205

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF E Slider Widget in all versions up to, and including, 2.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-12205

CVE-2024-12205 affects Themesflat Addons For Elementor for WordPress. This stores cross-site scripting via TF E Slider Widget in versions up to 2.2.4 due to insufficient input sanitization and output escaping. Exploitation requires authenticated access (Contributor level or higher) to inject scri...

CVE-2024-12205 Themesflat Addons For Elementor <= 2.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF E Slider Widget in all versions up to, and including, 2.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress plugin Xpro Addons For Elementor 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

WordPress plugin Themesflat Addons For Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Happy Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-1900 · WordPress · The 140+ Widgets | Xpro Addons For Elementor

Name of the Vulnerable Software and Affected Versions: 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress versions up to, and including, 1.4.6.2 Description: The issue allows authenticated attackers, with Contributor-level access and above, to extract potentially sensitive data...

PT-2025-1965 · WordPress · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: Element Pack Elementor Addons versions up to, and including, 5.10.14 Description: The issue concerns a Stored Cross-Site Scripting vulnerability in the Element Pack Elementor Addons plugin for WordPress. This vulnerability is due to...

WordPress plugin Element Pack Elementor Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-3733 · WordPress · Piotnet Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Piotnet Addons For Elementor plugin for WordPress versions up to, and including, 2.4.31 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Heading widget due to insufficient input sanitization and output escapin...

WordPress MT Addons for Elementor plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin MT Addons for Elementor versions = 1.0.6...

WordPress Xpro Elementor Addons plugin <= 1.4.6.2 - Authenticated (Contributor+) Post Disclosure via Post Duplication vulnerability

Authenticated Contributor+ Post Disclosure via Post Duplication vulnerability discovered by Webbernaut in WordPress Plugin Xpro Elementor Addons versions = 1.4.6.2...

WordPress Element Pack Lite - Addons for Elementor plugin <= 5.10.14 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress Element Pack Lite - Addons for Elementor plugin = 5.10.14 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin Element Pack Elementor Addons versions = 5.10.14...