CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

86 matches found

RedhatCVE•added 2026/04/02 4:56 p.m.•2 views

CVE-2025-13535

The King Addons for Elementor plugin for WordPress is vulnerable to multiple Contributor+ DOM-Based Stored Cross-Site Scripting vulnerabilities in all versions up to, and including, 51.1.38. This is due to insufficient input sanitization and output escaping across multiple widgets and features. T...

6.4CVSS6AI score0.00073EPSS

Exploits0References1

EUVD•added 2026/04/01 3:31 p.m.•1 views

EUVD-2025-209162

6.4CVSS6AI score0.00073EPSS

Exploits0References12

NVD•added 2026/04/01 3:16 p.m.•0 views

CVE-2025-13535

6.4CVSS0.00073EPSS

Exploits0References11

Vulnrichment•added 2026/04/01 2:37 p.m.•1 views

CVE-2025-13535 King Addons for Elementor <= 51.1.38 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Widgets

6.4CVSS6AI score0.00073EPSS

Exploits0References11

CVE•added 2026/04/01 2:37 p.m.•7 views

CVE-2025-13535

CVE-2025-13535 – King Addons for Elementor (WordPress) is a DOM-Based Stored Cross-Site Scripting vulnerability affecting all versions up to 51.1.38. The root cause is inadequate input sanitization and output escaping across multiple widgets/features. The plugin uses esc_attr() and esc_url() insi...

6.4CVSS6AI score0.00073EPSS

Exploits0References11

Cvelist•added 2026/04/01 2:37 p.m.•20 views

CVE-2025-13535 King Addons for Elementor <= 51.1.38 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Widgets

6.4CVSS0.00073EPSS

Exploits0References11

Patchstack•added 2026/04/01 2:35 a.m.•3 views

WordPress King Addons for Elementor plugin <= 51.1.38 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin King Addons for Elementor versions = 51.1.53...

6.4CVSS5.9AI score0.00073EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/04/01 12:0 a.m.•2 views

WordPress plugin King Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.6AI score0.00073EPSS

Exploits0References11

RedhatCVE•added 2026/03/26 3:13 p.m.•1 views

CVE-2025-13997

The King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in all versions up to, and including, 51.1.49 due to the plugin adding the API keys to the HTML source code via...

5.3CVSS5.8AI score0.00043EPSS

Exploits0References1

CNVD•added 2026/03/26 12:0 a.m.•1 views

WordPress Plugin King Addons for Elementor Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin King Addons for Elemento...

5.3CVSS5.7AI score0.00043EPSS

Exploits0

Patchstack•added 2026/03/24 3:19 p.m.•2 views

WordPress King Addons for Elementor plugin <= 51.1.49 - Unauthenticated API Keys Disclosure vulnerability

Unauthenticated API Keys Disclosure vulnerability discovered by Ulyses Saicha in WordPress Plugin King Addons for Elementor versions = 51.1.49...

5.3CVSS5.8AI score0.00043EPSS

Exploits0References1Affected Software1

EUVD•added 2026/03/23 9:30 a.m.•2 views

EUVD-2025-208931

5.3CVSS5.8AI score0.00043EPSS

Exploits0References3

Cvelist•added 2026/03/23 6:41 a.m.•27 views

CVE-2025-13997 King Addons for Elementor <= 51.1.49 - Unauthenticated API Keys Disclosure

5.3CVSS0.00043EPSS

Exploits0References2

CVE•added 2026/03/23 6:41 a.m.•3 views

CVE-2025-13997

The CVE-2025-13997 entry concerns the King Addons for Elementor WordPress plugin. Affected: King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor. Root cause: unauthenticated API key disclosure caused by the plugin adding API keys to the HTML ...

5.3CVSS5.8AI score0.00043EPSS

Exploits0References2

ATTACKERKB•added 2026/03/23 6:41 a.m.•1 views

CVE-2025-13997

5.3CVSS5.8AI score0.00043EPSS

Exploits0References3

Vulnrichment•added 2026/03/23 6:41 a.m.•2 views

CVE-2025-13997 King Addons for Elementor <= 51.1.49 - Unauthenticated API Keys Disclosure

5.3CVSS5.8AI score0.00043EPSS

Exploits0References2

CNNVD•added 2026/03/23 12:0 a.m.•2 views

WordPress plugin King Addons for Elementor 信息泄露漏洞

5.3CVSS5.7AI score0.00043EPSS

Exploits0References2

Packet Storm•added 2026/03/02 12:0 a.m.•148 views

📄 WordPress King Addons for Elementor 51.1.14 Privilege Escalation

Proof of concept for a WordPress King Addons for Elementor plugin versions 24.12.92 through 51.1.14 unauthenticated privilege escalation vulnerability. ============================================================================================================================================= |...

9.8CVSS5.9AI score0.49263EPSS

Exploits4

RedhatCVE•added 2025/12/14 8:45 a.m.•1 views

CVE-2025-7960

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Slider, Pricing Calculator, and Image Accordion widgets in all versions up to, and including, 51.1.39 due to insufficient input sanitization and output escaping on user supplie...

6.4CVSS5AI score0.00032EPSS

Exploits0References1

EUVD•added 2025/12/13 6:30 p.m.•1 views

EUVD-2025-203249

6.4CVSS4.7AI score0.00032EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by