3 matches found
WordPress Unlimited Elements For Elementor plugin <= 1.5.148 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.148...
WordPress ElementInvader Addons for Elementor Plugin <= 1.3.6 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Abu Hurayra in WordPress Plugin ElementInvader Addons for Elementor versions = 1.3.6...
CVE-2025-5938
The Digital Marketing and Agency Templates Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the importtemplates function. This makes it possible for...