Lucene search
K

375 matches found

OSV
OSV
added 2025/04/16 1:15 p.m.11 views

CVE-2025-39589

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Essential Addons for Elementor: from n/a through 6.1.9...

4.3CVSS5.8AI score0.00332EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/16 12:44 p.m.5 views

CVE-2025-39590 WordPress Essential Addons for Elementor <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS. This issue affects Essential Addons for Elementor: from n/a through 6.1.9...

6.5CVSS7AI score0.00256EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 12:44 p.m.66 views

CVE-2025-39590

CVE-2025-39590 corresponds to a Stored XSS in WPDeveloper Essential Addons for Elementor (affected: versions n/a–6.1.9). The vulnerability stems from improper input neutralization during Web Page Generation, enabling stored cross-site scripting. CVSS v3.1 metrics indicate a Network attack vector,...

6.5CVSS7.2AI score0.00256EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/16 12:44 p.m.18 views

CVE-2025-39590 WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.1.9...

6.5CVSS0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.4 views

WordPress plugin Essential Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS6.6AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.4 views

WordPress plugin Essential Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS5.9AI score0.00332EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.5 views

PT-2025-16613

Name of the Vulnerable Software and Affected Versions Essential Addons for Elementor versions n/a through 6.1.9 Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...

6.5CVSS7.3AI score0.00256EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.8 views

Essential Addons for Elementor Plugin for WordPress < 6.0.15 Cross-Site Scripting

The WordPress Essential Addons for Elementor Plugin installed on the remote host is affected by a Cross-Site Scripting. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

7.1CVSS7.4AI score0.01157EPSS
Exploits2References3
GithubExploit
GithubExploit
added 2025/02/26 9:28 a.m.1163 views

Exploit for CVE-2025-24752

🔍 Essential Addons for Elementor XSS Vulnerability Detector...

7.1CVSS9.4AI score0.01157EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2025/02/26 12:0 a.m.6 views

PT-2025-8685

Name of the Vulnerable Software and Affected Versions Essential Addons for Elementor affected versions not specified Description A critical XSS flaw has been identified in the Essential Addons for Elementor WordPress plugin, potentially placing over two million websites in jeopardy. This...

7.1CVSS7.5AI score0.01157EPSS
Exploits2References19
RedhatCVE
RedhatCVE
added 2025/02/06 4:19 a.m.10 views

CVE-2021-4447

The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor created page. This makes it possible for attackers wi...

8.8CVSS6.9AI score0.00444EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 6:48 a.m.5 views

CVE-2024-50457

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Qode Qode Essential Addons qode-essential-addons.This issue affects Qode Essential Addons: from n/a through = 1.6.3...

8.8CVSS5.9AI score0.00543EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:38 a.m.7 views

CVE-2024-1536

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's event calendar widget in all versions up to, and including, 5.9.9 due to insufficient input sanitization and outpu...

7.4CVSS5.8AI score0.00549EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/04 12:31 a.m.7 views

WordPress Essential Addons for Elementor plugin <= 6.0.14 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by xssium Patchstack Alliance in WordPress Plugin Essential Addons for Elementor versions = 6.0.14...

7.1CVSS6.1AI score0.01157EPSS
Exploits2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2025/02/04 12:0 a.m.2 views

VulnCheck KEV: CVE-2025-24752

The Essential Addons for Elementor WordPress plugin is vulnerable to insufficient validation and sanitizing of the popup-selector query argument. Versions prior to 6.0.15 are affected...

7.1CVSS5.8AI score0.01157EPSS
Exploits2References1
Patchstack
Patchstack
added 2025/01/24 10:31 p.m.6 views

WordPress Sastra Essential Addons for Elementor plugin <= 1.0.14 - Missing Authorization to Spexo Theme Install vulnerability

Missing Authorization to Spexo Theme Install vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Sastra Essential Addons for Elementor versions = 1.0.14...

4.3CVSS7AI score0.00237EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/12/31 11:15 p.m.39 views

CVE-2024-56063

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.0.7...

6.5CVSS0.00239EPSS
Exploits0References1
OSV
OSV
added 2024/12/31 11:15 p.m.4 views

CVE-2024-56063

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through 6.0.7...

5.4CVSS7.3AI score0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/31 11:6 p.m.10 views

CVE-2024-56063 WordPress Essential Addons for Elementor plugin <= 6.0.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.0.7...

6.5CVSS8.6AI score0.00239EPSS
Exploits0References1
CVE
CVE
added 2024/12/31 11:6 p.m.116 views

CVE-2024-56063

CVE-2024-56063 affects Essential Addons for Elementor (WPDeveloper) up to version 6.0.7. It is a Stored Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Exploitation is described as requiring Authentication (Contributor+) to trigger the ...

6.5CVSS7.2AI score0.00239EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder