375 matches found
CVE-2025-39589
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Essential Addons for Elementor: from n/a through 6.1.9...
CVE-2025-39590 WordPress Essential Addons for Elementor <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS. This issue affects Essential Addons for Elementor: from n/a through 6.1.9...
CVE-2025-39590
CVE-2025-39590 corresponds to a Stored XSS in WPDeveloper Essential Addons for Elementor (affected: versions n/a–6.1.9). The vulnerability stems from improper input neutralization during Web Page Generation, enabling stored cross-site scripting. CVSS v3.1 metrics indicate a Network attack vector,...
CVE-2025-39590 WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.1.9...
WordPress plugin Essential Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress plugin Essential Addons for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-16613
Name of the Vulnerable Software and Affected Versions Essential Addons for Elementor versions n/a through 6.1.9 Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...
Essential Addons for Elementor Plugin for WordPress < 6.0.15 Cross-Site Scripting
The WordPress Essential Addons for Elementor Plugin installed on the remote host is affected by a Cross-Site Scripting. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...
Exploit for CVE-2025-24752
🔍 Essential Addons for Elementor XSS Vulnerability Detector...
PT-2025-8685
Name of the Vulnerable Software and Affected Versions Essential Addons for Elementor affected versions not specified Description A critical XSS flaw has been identified in the Essential Addons for Elementor WordPress plugin, potentially placing over two million websites in jeopardy. This...
CVE-2021-4447
The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor created page. This makes it possible for attackers wi...
CVE-2024-50457
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Qode Qode Essential Addons qode-essential-addons.This issue affects Qode Essential Addons: from n/a through = 1.6.3...
CVE-2024-1536
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's event calendar widget in all versions up to, and including, 5.9.9 due to insufficient input sanitization and outpu...
WordPress Essential Addons for Elementor plugin <= 6.0.14 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by xssium Patchstack Alliance in WordPress Plugin Essential Addons for Elementor versions = 6.0.14...
VulnCheck KEV: CVE-2025-24752
The Essential Addons for Elementor WordPress plugin is vulnerable to insufficient validation and sanitizing of the popup-selector query argument. Versions prior to 6.0.15 are affected...
WordPress Sastra Essential Addons for Elementor plugin <= 1.0.14 - Missing Authorization to Spexo Theme Install vulnerability
Missing Authorization to Spexo Theme Install vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Sastra Essential Addons for Elementor versions = 1.0.14...
CVE-2024-56063
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.0.7...
CVE-2024-56063
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through 6.0.7...
CVE-2024-56063 WordPress Essential Addons for Elementor plugin <= 6.0.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.0.7...
CVE-2024-56063
CVE-2024-56063 affects Essential Addons for Elementor (WPDeveloper) up to version 6.0.7. It is a Stored Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Exploitation is described as requiring Authentication (Contributor+) to trigger the ...