Lucene search
K

605 matches found

Cvelist
Cvelist
added 2026/02/03 6:38 a.m.25 views

CVE-2026-1210 Happy Addons for Elementor <= 3.20.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elementordata' meta field in all versions up to, and including, 3.20.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.0031EPSS
Exploits0References8
CVE
CVE
added 2026/02/03 6:38 a.m.17 views

CVE-2026-1210

The CVE-2026-1210 entry describes a Stored Cross-Site Scripting vulnerability in the Happy Addons for Elementor WordPress plugin, affecting all versions up to 3.20.7. The root cause is insufficient input sanitization and output escaping in the '_elementor_data' meta field. Exploitation requires a...

6.4CVSS5.6AI score0.0031EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/02/03 6:38 a.m.4 views

CVE-2026-1210

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elementordata' meta field in all versions up to, and including, 3.20.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.6AI score0.0031EPSS
Exploits0References9
EUVD
EUVD
added 2026/02/03 6:38 a.m.6 views

EUVD-2026-5289

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elementordata' meta field in all versions up to, and including, 3.20.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.6AI score0.0031EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.6 views

PT-2026-6031

Name of the Vulnerable Software and Affected Versions Happy Addons for Elementor plugin versions up to and including 3.20.7 Description The Happy Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escapi...

6.4CVSS5.5AI score0.0031EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

WordPress plugin Happy Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.8AI score0.0031EPSS
Exploits0References9
Patchstack
Patchstack
added 2026/02/02 10:21 p.m.7 views

WordPress Happy Addons for Elementor plugin <= 3.20.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'elementordata' Meta Field vulnerability discovered by knani alaaeddine iwd in WordPress Plugin Happy Addons for Elementor versions = 3.20.7...

6.4CVSS5.3AI score0.0031EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 8:35 p.m.6 views

WordPress Happy Addons for Elementor plugin <= 3.10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Photo Stack Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Photo Stack Widget vulnerability discovered by RandomRoot in WordPress Plugin Happy Addons for Elementor versions = 3.10.3...

6.4CVSS8.3AI score0.00536EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:23 p.m.6 views

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via title_tag vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via titletag vulnerability discovered by wesley wcraft in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

5.4CVSS5.3AI score0.00466EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:22 p.m.6 views

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Page Title HTML Tag vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Page Title HTML Tag vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

6.4CVSS5.3AI score0.00351EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:22 p.m.8 views

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title HTML Tag vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Post Title HTML Tag vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

6.4CVSS5.3AI score0.00361EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 2:21 p.m.7 views

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Calendy vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Calendy vulnerability discovered by ST in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

6.4CVSS5.3AI score0.00343EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 9:26 a.m.7 views

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group, Photo Stack, & Horizontal Timeline vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Stack Group, Photo Stack, & Horizontal Timeline vulnerability discovered by stealthcopter in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

6.4CVSS5.3AI score0.00548EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 9:2 a.m.5 views

WordPress Happy Addons for Elementor plugin <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Event Calendar Widget vulnerability discovered by stealthcopter in WordPress Plugin Happy Addons for Elementor versions = 3.10.7...

6.4CVSS5.3AI score0.00324EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 8:51 a.m.5 views

WordPress Happy Addons for Elementor plugin <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Accordion vulnerability discovered by Thanh Nam Tran in WordPress Plugin Happy Addons for Elementor versions = 3.10.9...

6.4CVSS5.2AI score0.00325EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 8:50 a.m.8 views

WordPress Happy Addons for Elementor plugin <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Thanh Nam Tran in WordPress Plugin Happy Addons for Elementor versions = 3.10.8...

6.4CVSS5.2AI score0.00364EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/27 12:55 p.m.10 views

WordPress HAPPY plugin <= 1.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin HAPPY versions = 1.0.8...

8.2CVSS5.9AI score0.00269EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.6 views

CVE-2025-68999

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Blind SQL Injection.This issue affects Happy Addons for Elementor: from n/a through = 3.20.4...

8.5CVSS5.6AI score0.00253EPSS
Exploits2References1
Patchstack
Patchstack
added 2026/01/23 6:58 p.m.7 views

WordPress Happy Addons for Elementor plugin <= 3.20.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by knani alaaeddine iwd in WordPress Plugin Happy Addons for Elementor versions = 3.20.4...

8.5CVSS5.8AI score0.00253EPSS
Exploits2Affected Software1
NVD
NVD
added 2026/01/22 5:16 p.m.8 views

CVE-2025-68999

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Blind SQL Injection.This issue affects Happy Addons for Elementor: from n/a through = 3.20.4...

8.5CVSS0.00253EPSS
Exploits2References1
Rows per page
Query Builder