409 matches found
WordPress Element Pack Addons for Elementor plugin <= 8.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG Image Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via SVG Image Widget vulnerability discovered by Webbernaut in WordPress Plugin Element Pack Elementor Addons versions = 8.4.2...
PT-2026-31111
Name of the Vulnerable Software and Affected Versions The Element Pack Addons for Elementor plugin for WordPress versions up to and including 8.4.2 Description The Element Pack Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the SVG Image Widget. Th...
WordPress plugin Element Pack Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress Element Pack Elementor Addons plugin <= 8.4.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by daroo in WordPress Plugin Element Pack Elementor Addons versions = 8.4.2...
CVE-2026-1793
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
CVE-2026-1793
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
CVE-2026-1793
The CVE-2026-1793 entry concerns the Element Pack Addons for Elementor plugin for WordPress. All versions up to and including 8.3.17 are vulnerable via the SVG widget due to insufficient file validation in the render_svg function, enabling authenticated attackers with contributor-level access or ...
CVE-2026-1793 Element Pack Addons for Elementor <= 8.3.17 - Authenticated (Contributor+) Arbitrary File Read
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
CVE-2026-1793
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
EUVD-2026-5833
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
CVE-2026-1793 Element Pack Addons for Elementor <= 8.3.17 - Authenticated (Contributor+) Arbitrary File Read
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
WordPress plugin Element Pack Addons for Elementor 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
WordPress Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin <= 5.10.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Custom Gallery Widget vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Custom Gallery Widget vulnerability discovered by zer0gh0st in WordPress Plugin Element Pack Elementor Addons versions = 5.10.1...
WordPress Element Pack Elementor Addons plugin <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price List Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Price List Widget vulnerability discovered by wesley wcraft in WordPress Plugin Element Pack Elementor Addons versions = 5.6.0...
WordPress Element Pack Elementor Addons plugin <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Panel Slider Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Panel Slider Widget vulnerability discovered by RandomRoot in WordPress Plugin Element Pack Elementor Addons versions = 5.6.0...
WordPress Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin <= 5.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Element Pack Elementor Addons versions = 5.6.11...
WordPress Element Pack Elementor Addons plugin <= 5.10.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Map Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Open Map Widget vulnerability discovered by zer0gh0st in WordPress Plugin Element Pack Elementor Addons versions = 5.10.2...
WordPress Element Pack Elementor Addons plugin < 5.10.3 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Element Pack Elementor Addons versions 5.10.3...
CVE-2025-31413
Cross-Site Request Forgery CSRF vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Cross Site Request Forgery.This issue affects Element Pack Elementor Addons: from n/a through = 8.3.13...
CVE-2025-31413
Cross-Site Request Forgery CSRF vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Cross Site Request Forgery.This issue affects Element Pack Elementor Addons: from n/a through = 8.3.13...