7289 matches found
CVE-2024-56286
CVE-2024-56286 affects Classic Addons – WPBakery Page Builder. Root cause: Improper limitation of a pathname to a restricted directory enabling PHP Local File Inclusion. Impact: potential local file inclusion/read access. Affected: Classic Addons – WPBakery Page Builder (versions up to 3.0). Reme...
CVE-2024-56286 WordPress Classic Addons – WPBakery Page Builder plugin <= 3.0 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Classic Addons Classic Addons – WPBakery Page Builder allows PHP Local File Inclusion.This issue affects Classic Addons – WPBakery Page Builder: from n/a through 3.0...
CVE-2024-56286 WordPress Classic Addons – WPBakery Page Builder plugin <= 3.0 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in webcodingplace Classic Addons – WPBakery Page Builder classic-addons-wpbakery-page-builder-addons allows PHP Local File Inclusion.This issue affects Classic Addons – WPBakery Page Builder: from n/a throu...
CVE-2025-22316
CVE-2025-22316 : Stored Cross-Site Scripting in WPBITS Addons For Elementor Page Builder due to improper input neutralization during web page generation. Affected: WPBITS Addons For Elementor Page Builder
CVE-2025-22316 WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through = 1.5.1...
CVE-2025-22321 WordPress ElementsCSS Addons for Elementor plugin <= 1.0.8.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TheInnovs ElementsCSS Addons for Elementor css-for-elementor allows Stored XSS.This issue affects ElementsCSS Addons for Elementor: from n/a through = 1.0.8.9...
CVE-2025-22321
CVE-2025-22321 is a stored XSS in the WordPress plugin ElementsCSS Addons for Elementor (component: ElementsCSS Addons for Elementor) affecting versions up to 1.0.8.7. Description and related records confirm improper neutralization of input during web page generation leading to stored cross-site ...
CVE-2025-22321 WordPress ElementsCSS Addons for Elementor plugin <= 1.0.8.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TheInnovs ElementsCSS Addons for Elementor allows Stored XSS.This issue affects ElementsCSS Addons for Elementor: from n/a through 1.0.8.7...
CVE-2025-22333 WordPress Piotnet Addons For Elementor plugin <= 2.4.31 - Cross-Site Scripting vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through 2.4.31...
CVE-2025-22333 WordPress Piotnet Addons For Elementor plugin <= 2.4.31 - Cross-Site Scripting vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in piotnetdotcom Piotnet Addons For Elementor piotnet-addons-for-elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through = 2.4.31...
CVE-2025-22333
CVE-2025-22333 describes a Stored XSS in Piotnet Addons For Elementor (WordPress plugin) due to improper input neutralization during web page generation. Affected versions are 2.4.31 and earlier; impact is a cross-site scripting vulnerability that can be triggered by malicious inputs stored on th...
CVE-2024-9502
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Tooltip module in all versions up to, and including, 2.0.6.7 due to insufficient input sanitization and...
CVE-2024-9502
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Tooltip module in all versions up to, and including, 2.0.6.7 due to insufficient input sanitization and...
WordPress Elementor AI Addons plugin <= 2.2.1 - Authenticated (Contributor+) Private Templates Content Disclosure vulnerability
Authenticated Contributor+ Private Templates Content Disclosure vulnerability discovered by Nishiv in WordPress Plugin Elementor AI Addons versions = 2.2.1...
CVE-2024-9502 Master Addons -- Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tooltip Module
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Tooltip module in all versions up to, and including, 2.0.6.7 due to insufficient input sanitization and...
CVE-2024-9502 Master Addons -- Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tooltip Module
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Tooltip module in all versions up to, and including, 2.0.6.7 due to insufficient input sanitization and...
CVE-2024-9502
CVE-2024-9502 : Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip module in all versions up to 2.0.6.7 due to insufficient input sanitization and output escaping on us...
CVE-2024-12140
The Elementor Addons AI Addons – 70 Widgets, Premium Templates, Ultimate Elements plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.1 via the render function due to insufficient restrictions on which templates can be included. This makes it...
CVE-2024-12140
The CVE-2024-12140 incident concerns the WordPress plugin Elementor Addons AI Addons (70 Widgets, Premium Templates, Ultimate Elements). Affected component: render function in versions up to and including 2.2.1. Root cause: insufficient restrictions on which templates can be included, enabling in...
CVE-2024-12140 Elementor AI Addons – 70 Widgets, Premium Templates, Ultimate Elements <= 2.2.1 - Authenticated (Contributor+) Private Templates Content Disclosure
The Elementor Addons AI Addons – 70 Widgets, Premium Templates, Ultimate Elements plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.1 via the render function due to insufficient restrictions on which templates can be included. This makes it...