7270 matches found
WordPress plugin Xpro Addons — 140+ Widgets for Elementor 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress plugin Royal Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress Royal Elementor Addons plugin <= 1.7.1049 - Authenticated (Contributor+) Stored Cross-Site Scripting via REST API Meta Bypass vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via REST API Meta Bypass vulnerability discovered by knani alaaeddine iwd in WordPress Plugin Royal Elementor Addons versions = 1.7.1049...
WordPress Xpro Addons - 140+ Widgets for Elementor plugin <= 1.4.20 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
WordPress Xpro Addons - 140+ Widgets for Elementor plugin = 1.4.20 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Xpro Elementor Addons versions = 1.4.20...
WordPress Xpro Addons - 140+ Widgets for Elementor plugin <= 1.4.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Box Widget vulnerability
WordPress Xpro Addons - 140+ Widgets for Elementor plugin = 1.4.24 - Authenticated Contributor+ Stored Cross-Site Scripting via Icon Box Widget vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Xpro Elementor Addons versions = 1.4.24...
CVE-2025-13535
The King Addons for Elementor plugin for WordPress is vulnerable to multiple Contributor+ DOM-Based Stored Cross-Site Scripting vulnerabilities in all versions up to, and including, 51.1.38. This is due to insufficient input sanitization and output escaping across multiple widgets and features. T...
CVE-2026-34889
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows DOM-Based XSS.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a before 3.21.4...
EUVD-2025-209162
The King Addons for Elementor plugin for WordPress is vulnerable to multiple Contributor+ DOM-Based Stored Cross-Site Scripting vulnerabilities in all versions up to, and including, 51.1.38. This is due to insufficient input sanitization and output escaping across multiple widgets and features. T...
CVE-2025-13535
The King Addons for Elementor plugin for WordPress is vulnerable to multiple Contributor+ DOM-Based Stored Cross-Site Scripting vulnerabilities in all versions up to, and including, 51.1.38. This is due to insufficient input sanitization and output escaping across multiple widgets and features. T...
CVE-2025-13535
CVE-2025-13535 – King Addons for Elementor (WordPress) is a DOM-Based Stored Cross-Site Scripting vulnerability affecting all versions up to 51.1.38. The root cause is inadequate input sanitization and output escaping across multiple widgets/features. The plugin uses esc_attr() and esc_url() insi...
CVE-2025-13535 King Addons for Elementor <= 51.1.38 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Widgets
The King Addons for Elementor plugin for WordPress is vulnerable to multiple Contributor+ DOM-Based Stored Cross-Site Scripting vulnerabilities in all versions up to, and including, 51.1.38. This is due to insufficient input sanitization and output escaping across multiple widgets and features. T...
CVE-2025-13535 King Addons for Elementor <= 51.1.38 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Widgets
The King Addons for Elementor plugin for WordPress is vulnerable to multiple Contributor+ DOM-Based Stored Cross-Site Scripting vulnerabilities in all versions up to, and including, 51.1.38. This is due to insufficient input sanitization and output escaping across multiple widgets and features. T...
EUVD-2026-17845
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows DOM-Based XSS.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a before 3.21.4...
CVE-2026-34889
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows DOM-Based XSS.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a before 3.21.4...
CVE-2026-34889
The CVE concerns Brainstorm Force Ultimate Addons for WPBakery Page Builder. It is a DOM‑Based Cross‑Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation, affecting versions before 3.21.4. Impact is DOM‑XSS (user‑sensitive data exposure possible in...
CVE-2026-34889 WordPress Ultimate Addons for WPBakery Page Builder plugin < 3.21.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows DOM-Based XSS.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a before 3.21.4...
CVE-2026-34889
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows DOM-Based XSS.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a before 3.21.4...
CVE-2026-34889 WordPress Ultimate Addons for WPBakery Page Builder plugin < 3.21.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows DOM-Based XSS.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a before 3.21.4...
WordPress Ultimate Addons for WPBakery Page Builder plugin < 3.21.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin Ultimate Addons for WPBakery Page Builder versions 3.21.4...
WordPress King Addons for Elementor plugin <= 51.1.38 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Widgets vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin King Addons for Elementor versions = 51.1.53...