Lucene search
K

185 matches found

NVD
NVD
added 2026/03/02 6:16 p.m.5 views

CVE-2026-3132

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

8.8CVSS0.00596EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/02 5:23 p.m.6 views

EUVD-2026-9222

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

8.8CVSS6.2AI score0.00596EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/02 5:23 p.m.2 views

CVE-2026-3132

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

8.8CVSS6.2AI score0.00596EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/02 5:23 p.m.32 views

CVE-2026-3132 Master Addons for Elementor Premium <= 2.1.3 - Authenticated (Subscriber+) Remote Code Execution via render_preview

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

8.8CVSS0.00596EPSS
Exploits0References3
CVE
CVE
added 2026/03/02 5:23 p.m.14 views

CVE-2026-3132

The CVE concerns the Master Addons for Elementor Premium plugin for WordPress. All versions up to 2.1.3 are affected by a Remote Code Execution flaw via JLTMA_Widget_Admin::render_preview, caused by a missing capability check. This allows authenticated attackers with Subscriber-level access and a...

8.8CVSS6.2AI score0.00596EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/02 5:23 p.m.5 views

CVE-2026-3132 Master Addons for Elementor Premium <= 2.1.3 - Authenticated (Subscriber+) Remote Code Execution via render_preview

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMAWidgetAdmin::renderpreview'. This is due to missing capability check. This makes it possible for authenticated attackers, with...

8.8CVSS6.2AI score0.00596EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.11 views

PT-2026-22659

Name of the Vulnerable Software and Affected Versions Master Addons for Elementor Premium plugin for WordPress versions up to and including 2.1.3 Description The Master Addons for Elementor Premium plugin for WordPress is susceptible to Remote Code Execution via the JLTMA Widget Admin::render...

8.8CVSS6.2AI score0.00596EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.4 views

CVE-2024-52387

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through = 2.0.9.9.4...

5.9CVSS5.5AI score0.00217EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 1:18 p.m.9 views

CVE-2026-2486

The Master Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'maelbhtablebtntext' parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.7AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.5 views

CVE-2024-52387

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through = 2.0.9.9.4...

5.9CVSS0.00217EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:46 p.m.18 views

CVE-2024-52387

CVE-2024-52387 concerns a stored XSS in WordPress plugin Master Addons for Elementor (Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations). The Red Hat/NVD entries describe an improper neutralization of input during web page generation, enablin...

5.9CVSS8.5AI score0.00217EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.1 views

CVE-2024-52387 WordPress Master Addons plugin <= 2.0.9.9.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through = 2.0.9.9.4...

5.9CVSS7.2AI score0.00217EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:46 p.m.20 views

CVE-2024-52387 WordPress Master Addons plugin <= 2.0.9.9.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through = 2.0.9.9.4...

5.9CVSS0.00217EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 12:16 p.m.7 views

CVE-2026-2486

The Master Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'maelbhtablebtntext' parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00152EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/20 11:26 a.m.25 views

CVE-2026-2486 Master Addons For Elementor <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'ma_el_bh_table_btn_text'

The Master Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'maelbhtablebtntext' parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00152EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/20 11:26 a.m.5 views

CVE-2026-2486

The Master Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'maelbhtablebtntext' parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.7AI score0.00152EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/20 11:26 a.m.3 views

CVE-2026-2486 Master Addons For Elementor <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'ma_el_bh_table_btn_text'

The Master Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'maelbhtablebtntext' parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.7AI score0.00152EPSS
Exploits0References2
CVE
CVE
added 2026/02/20 11:26 a.m.26 views

CVE-2026-2486

CVE-2026-2486 concerns the WordPress plugin Master Addons For Elementor. The vulnerability is a Stored Cross-Site Scripting (Stored XSS) via the parameter ma_el_bh_table_btn_text in versions up to and including 2.1.1, caused by insufficient input sanitization and output escaping. The exposure all...

6.4CVSS5.7AI score0.00152EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.4 views

PT-2026-21030

Name of the Vulnerable Software and Affected Versions Master Addons for Elementor versions through 2.0.9.9.4 Description A flaw exists in Master Addons for Elementor that allows for Stored Cross-site Scripting XSS. This issue arises from improper handling of user-supplied data during web page...

8.6AI score0.00217EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.7 views

PT-2026-21010

Name of the Vulnerable Software and Affected Versions Master Addons For Elementor plugin for WordPress versions 2.1.1 and earlier Description The software is susceptible to a Stored Cross-Site Scripting issue because of inadequate input sanitization and output escaping. This allows authenticated...

6.4CVSS5.3AI score0.00152EPSS
Exploits0References6
Rows per page
Query Builder