PT-2025-3220 · Elementor · Move Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Move Addons for Elementor versions 1.3.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting XSS. This enables attackers to inject malicious...

PT-2025-1546 · WordPress · Themefic Ultimate Addons For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Themefic Ultimate Addons for Contact Form 7 versions 3.2.6 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations:...

CVE-2024-56062

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through = 1.3.987...

CVE-2024-56063

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.0.7...

CVE-2024-56062

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through 1.3.987...

CVE-2024-56063

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through 6.0.7...

CVE-2024-56062 WordPress Royal Elementor Addons and Templates plugin <= 1.3.987 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through 1.3.987...

CVE-2024-56062 WordPress Royal Elementor Addons and Templates plugin <= 1.3.987 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through = 1.3.987...

CVE-2024-56062

CVE-2024-56062 affects the Royal Elementor Addons and Templates plugin for WordPress, with a Stored XSS due to improper neutralization of input during web page generation. Affected versions are Royal Elementor Addons: n/a through 1.3.987. The Red Hat/ENISA/Wordfence entries confirm the vulnerabil...

CVE-2024-56063 WordPress Essential Addons for Elementor plugin <= 6.0.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.0.7...

CVE-2024-56063

CVE-2024-56063 affects Essential Addons for Elementor (WPDeveloper) up to version 6.0.7. It is a Stored Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Exploitation is described as requiring Authentication (Contributor+) to trigger the ...

CVE-2024-56227

Missing Authorization vulnerability in WP Royal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through 1.7.1001...

CVE-2024-56227

Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through = 1.7.1001...

CVE-2024-56226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through 1.7.1001...

CVE-2024-56225

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Premium Addons for Elementor: from n/a through 4.10.56...

CVE-2024-56226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through = 1.7.1001...

CVE-2024-56225

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Premium Addons for Elementor: from n/a through = 4.10.56...

CVE-2024-56221

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elicus WPMozo Addons Lite for Elementor wpmozo-addons-lite-for-elementor allows Stored XSS.This issue affects WPMozo Addons Lite for Elementor: from n/a through = 1.2.0...

CVE-2024-56226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through 1.7.1001...

CVE-2024-56221

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elicus WPMozo Addons Lite for Elementor allows Stored XSS.This issue affects WPMozo Addons Lite for Elementor: from n/a through 1.2.0...