100 matches found
CVE-2026-25007 WordPress ElementInvader Addons for Elementor plugin <= 1.4.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Blind SQL Injection.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.4.2...
CVE-2026-25007 WordPress ElementInvader Addons for Elementor plugin <= 1.4.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Blind SQL Injection.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.4.2...
PT-2026-27881
Name of the Vulnerable Software and Affected Versions ElementInvader Addons for Elementor versions n/a through 1.4.2 Description The software contains a flaw due to improper neutralization of special elements within an SQL command, leading to a potential SQL injection. Specifically, the...
WordPress plugin ElementInvader Addons for Elementor SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
WordPress ElementInvader Addons for Elementor plugin <= 1.4.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Nabil Irawan in WordPress Plugin ElementInvader Addons for Elementor versions = 1.4.2...
WordPress ElementInvader Addons for Elementor plugin <= 1.4.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin ElementInvader Addons for Elementor versions = 1.4.1...
CVE-2026-25028
Missing Authorization vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.4.1...
CVE-2026-25028 WordPress ElementInvader Addons for Elementor plugin <= 1.4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.4.1...
CVE-2026-25028 WordPress ElementInvader Addons for Elementor plugin <= 1.4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.4.1...
CVE-2026-25028
CVE-2026-25028 affects WordPress plugin ElementInvader Addons for Elementor (versions up to and including 1.4.1). The root cause is missing authorization due to incorrectly configured access control security levels, enabling unauthorized access. Vulnerable component: ElementInvader Addons for Ele...
WordPress ElementInvader Addons for Elementor plugin <= 1.3.1 - Missing Authorization to Arbitrary Options Read vulnerability
Missing Authorization to Arbitrary Options Read vulnerability discovered by Francesco Carlucci in WordPress Plugin ElementInvader Addons for Elementor versions = 1.3.1...
PT-2026-6257
Name of the Vulnerable Software and Affected Versions ElementInvader Addons for Elementor versions through 1.4.1 Description An issue exists in ElementInvader Addons for Elementor where incorrectly configured access control security levels can be exploited, leading to a missing authorization...
WordPress plugin ElementInvader Addons for Elementor 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
CVE-2024-2308
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button link in the EliSlider in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...
WordPress Elementinvader Addons for Elementor plugin < 1.4.1 – Unauthenticated Arbitrary Email Sending vulnerability
Unauthenticated Arbitrary Email Sending vulnerability discovered by Lucas Montes in WordPress Plugin ElementInvader Addons for Elementor versions 1.4.1...
CVE-2025-10873
The ElementInvader Addons for Elementor WordPress plugin before 1.4.1 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses due to missing authorization on the elementinvaderaddonsforelementorformssendform action...
CVE-2025-10873
The ElementInvader Addons for Elementor WordPress plugin before 1.4.1 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses due to missing authorization on the elementinvaderaddonsforelementorformssendform action...
CVE-2025-10873
CVE-2025-10873 : ElementInvader Addons for Elementor (WordPress) before 1.4.1 allows an unauthenticated user to send arbitrary emails to arbitrary addresses due to a missing authorization check on the elementinvader_addons_for_elementor_forms_send_form action. Affected plugin versions are prior t...
CVE-2025-10873 Elementinvader Addons for Elementor < 1.4.1 – Unauthenticated Arbitrary Email Sending
The ElementInvader Addons for Elementor WordPress plugin before 1.4.1 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses due to missing authorization on the elementinvaderaddonsforelementorformssendform action...
CVE-2025-10873 Elementinvader Addons for Elementor < 1.4.1 – Unauthenticated Arbitrary Email Sending
The ElementInvader Addons for Elementor WordPress plugin before 1.4.1 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses due to missing authorization on the elementinvaderaddonsforelementorformssendform action...