EUVD-2026-37668

Contributor Arbitrary File Upload in Unlimited Elements for Elementor Premium = 2.0.6 versions...

CVE-2026-27041

Contributor Arbitrary File Upload in Unlimited Elements for Elementor Premium = 2.0.6 versions...

CVE-2026-27041

CVE-2026-27041 : Affected software is WordPress Unlimited Elements for Elementor – Premium, versions

CVE-2026-3132

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

WordPress Master Addons for Elementor Premium plugin <= 2.1.3 - Authenticated (Subscriber+) Remote Code Execution via render_preview vulnerability

Authenticated Subscriber+ Remote Code Execution via renderpreview vulnerability discovered by Ren Voza in WordPress Plugin Master Addons for Elementor Premium versions = 2.1.3...

CVE-2026-3132

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

CVE-2026-3132

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

CVE-2026-3132 Master Addons for Elementor Premium <= 2.1.3 - Authenticated (Subscriber+) Remote Code Execution via render_preview

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

CVE-2026-3132 Master Addons for Elementor Premium <= 2.1.3 - Authenticated (Subscriber+) Remote Code Execution via render_preview

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

EUVD-2026-9222

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

CVE-2026-3132

The CVE concerns the Master Addons for Elementor Premium plugin for WordPress. All versions up to 2.1.3 are affected by a Remote Code Execution flaw via JLTMA_Widget_Admin::render_preview, caused by a missing capability check. This allows authenticated attackers with Subscriber-level access and a...

WordPress plugin Master Addons for Elementor Premium 代码注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

PT-2026-22659

Name of the Vulnerable Software and Affected Versions Master Addons for Elementor Premium plugin for WordPress versions up to and including 2.1.3 Description The Master Addons for Elementor Premium plugin for WordPress is susceptible to Remote Code Execution via the JLTMA Widget Admin::render...

PT-2024-16146 · Unknown · Premium Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor versions up to and including 4.10.60 Description: The issue is related to Stored Cross-Site Scripting via the Video Box widget due to insufficient input sanitization and output escaping on user-supplied attributes...

CVE-2024-6495

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Premium Addons for Elementor plugin <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Premium Addons for Elementor versions = 4.10.31...