Lucene search
K

375 matches found

Patchstack
Patchstack
added 2025/07/07 9:18 p.m.8 views

WordPress Essential Addons for Elementor plugin <= 6.1.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via `Calendar` And `Business Reviews` Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Calendar And Business Reviews Widgets vulnerability discovered by Webbernaut in WordPress Plugin Essential Addons for Elementor versions = 6.1.19...

6.4CVSS5.5AI score0.0017EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/09 7:9 p.m.9 views

WordPress Essential Addons for Elementor plugin <= 6.1.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Pricing Table Widget vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Pricing Table Widget vulnerability discovered by zer0gh0st in WordPress Plugin Essential Addons for Elementor versions = 6.1.12...

6.4CVSS5.5AI score0.00174EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/09 12:2 p.m.8 views

CVE-2024-9994

The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the eaelpricingitemtooltipcontent parameter of the Pricing Table Widget in all versions up to, and including, 6.1.12 due...

6.4CVSS5.8AI score0.00174EPSS
Exploits0References1
OSV
OSV
added 2025/06/07 12:15 p.m.3 views

CVE-2024-9993

The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the eaeleventdetailstext parameter of Event Calendar Widget in all versions up to, and including, 6.1.12 due to...

5.4CVSS5.9AI score0.00176EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/07 11:17 a.m.4 views

CVE-2024-9994 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.1.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Pricing Table Widget

The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the eaelpricingitemtooltipcontent parameter of the Pricing Table Widget in all versions up to, and including, 6.1.12 due...

6.4CVSS5.8AI score0.00174EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/07 12:0 a.m.1 views

WordPress plugin Essential Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS5.7AI score0.00176EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/07 12:0 a.m.2 views

WordPress plugin Essential Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS6AI score0.00174EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/07 12:0 a.m.8 views

PT-2025-24338 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 6.1.12 Description: The issue is related to Stored Cross-Site Scripting via the eael pricing item tooltip content parameter of the Pricing Table Widget. Th...

6.4CVSS5.8AI score0.00174EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/06/07 12:0 a.m.6 views

PT-2025-24337 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 6.1.12 Description: The issue is related to Stored Cross-Site Scripting via the eael event details text parameter of the Event Calendar Widget. This is due...

6.4CVSS5.7AI score0.00176EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 10:33 a.m.6 views

CVE-2024-8742

The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 6.0.3 due to insufficient input sanitizatio...

6.4CVSS5.9AI score0.00354EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:20 a.m.8 views

CVE-2024-3733

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajaxloadmore , eaelwoopaginationproductajax, and ajaxeaelproductgallery...

5.3CVSS6.8AI score0.00496EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:50 a.m.8 views

CVE-2024-7092

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nomoreitemstext’ parameter in all versions up to, and including, 5.9.27 due to insufficient input sanitization and output...

6.4CVSS5.8AI score0.00416EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:10 a.m.5 views

CVE-2024-5073

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter Feed component in all versions up to, and including, 5.9.21 due to insufficient input sanitization and output...

6.4CVSS6AI score0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:9 a.m.5 views

CVE-2024-5086

The Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team Member Carousel widget in all Pro versions up to, and including, 5.8.14 due to insufficient input...

6.4CVSS6AI score0.00263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:7 a.m.4 views

CVE-2024-39649

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite.This issue affects Essential Addons for Elementor: from n/a through = 5.9.26...

6.5CVSS5.9AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:52 a.m.14 views

CVE-2024-5189

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘customjs’ parameter in all versions up to, and including, 5.9.23 due to insufficient input sanitization and output escapin...

6.4CVSS5.8AI score0.00434EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:44 a.m.4 views

CVE-2024-4624

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugins for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eaelexttoctitletag’ parameter in versions up to, and including, 5.9.20 due to insufficient input sanitization and output...

6.4CVSS6AI score0.00441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:40 a.m.4 views

CVE-2024-4275

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Interactive Circle widget in all versions up to, and including, 5.9.19 due to insufficient input sanitization and...

6.4CVSS6AI score0.00343EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:21 a.m.8 views

CVE-2024-1236

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Filterable Controls label icon parameter in all versions up to, and including, 5.9.8 due to insufficient input sanitization...

6.4CVSS5.8AI score0.00469EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:54 a.m.7 views

CVE-2024-4156

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eaeleventtextcolor’ parameter in versions up to, and including, 5.9.17 due to insufficient input sanitization and output...

6.4CVSS5.8AI score0.00602EPSS
Exploits0References1
Rows per page
Query Builder