185 matches found
CVE-2026-3132
The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...
EUVD-2026-9222
The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...
CVE-2026-3132
The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...
CVE-2026-3132 Master Addons for Elementor Premium <= 2.1.3 - Authenticated (Subscriber+) Remote Code Execution via render_preview
The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...
CVE-2026-3132
The CVE concerns the Master Addons for Elementor Premium plugin for WordPress. All versions up to 2.1.3 are affected by a Remote Code Execution flaw via JLTMA_Widget_Admin::render_preview, caused by a missing capability check. This allows authenticated attackers with Subscriber-level access and a...
CVE-2026-3132 Master Addons for Elementor Premium <= 2.1.3 - Authenticated (Subscriber+) Remote Code Execution via render_preview
The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...
PT-2026-22659
Name of the Vulnerable Software and Affected Versions Master Addons for Elementor Premium plugin for WordPress versions up to and including 2.1.3 Description The Master Addons for Elementor Premium plugin for WordPress is susceptible to Remote Code Execution via the JLTMA Widget Admin::render...
CVE-2024-52387
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through = 2.0.9.9.4...
CVE-2026-2486
The Master Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'maelbhtablebtntext' parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-52387
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through = 2.0.9.9.4...
CVE-2024-52387
CVE-2024-52387 concerns a stored XSS in WordPress plugin Master Addons for Elementor (Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations). The Red Hat/NVD entries describe an improper neutralization of input during web page generation, enablin...
CVE-2024-52387 WordPress Master Addons plugin <= 2.0.9.9.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through = 2.0.9.9.4...
CVE-2024-52387 WordPress Master Addons plugin <= 2.0.9.9.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through = 2.0.9.9.4...
CVE-2026-2486
The Master Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'maelbhtablebtntext' parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2486 Master Addons For Elementor <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'ma_el_bh_table_btn_text'
The Master Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'maelbhtablebtntext' parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2486
The Master Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'maelbhtablebtntext' parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2486 Master Addons For Elementor <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'ma_el_bh_table_btn_text'
The Master Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'maelbhtablebtntext' parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2486
CVE-2026-2486 concerns the WordPress plugin Master Addons For Elementor. The vulnerability is a Stored Cross-Site Scripting (Stored XSS) via the parameter ma_el_bh_table_btn_text in versions up to and including 2.1.1, caused by insufficient input sanitization and output escaping. The exposure all...
PT-2026-21030
Name of the Vulnerable Software and Affected Versions Master Addons for Elementor versions through 2.0.9.9.4 Description A flaw exists in Master Addons for Elementor that allows for Stored Cross-site Scripting XSS. This issue arises from improper handling of user-supplied data during web page...
PT-2026-21010
Name of the Vulnerable Software and Affected Versions Master Addons For Elementor plugin for WordPress versions 2.1.1 and earlier Description The software is susceptible to a Stored Cross-Site Scripting issue because of inadequate input sanitization and output escaping. This allows authenticated...