185 matches found
WordPress plugin Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Master Addons - Elementor Addons...
WordPress Master Addons for Elementor plugin <= 2.0.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via fancyBox vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via fancyBox vulnerability discovered by Webbernaut in WordPress Plugin Master Addons for Elementor versions = 2.0.9.0...
CVE-2025-5284
CVE-2025-5284 affects the WordPress plugin “Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations.” It describes a Stored Cross-Site Scripting (XSS) vulnerability via the Custom JS extension in all versions up to and including 2.0.8.2, caused by ...
CVE-2025-5284 Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations <= 2.0.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom JS extension in all versions up to, and including, 2.0.8.2 due to insufficient capability restriction, and...
CVE-2025-5284 Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations <= 2.0.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom JS extension in all versions up to, and including, 2.0.8.2 due to insufficient capability restriction, and...
WordPress plugin Master Addons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2025-29715 · WordPress · The Master Addons – Elementor Addons
Name of the Vulnerable Software and Affected Versions: Master Addons – Elementor Addons versions prior to 2.0.8.3 Description: The Master Addons – Elementor Addons plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Custom JS extension. Insufficient capability...
CVE-2024-3134
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the titlehtmltag attribute in all versions up to, and including, 2.0.6.0 due to insufficient input sanitization and output escaping...
CVE-2024-35660
Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor.This issue affects Master Addons for Elementor: from n/a through 2.0.5.4.1...
CVE-2024-5382
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ma-template' REST API route in all versions up to, and including, 2.0.6.1. This makes it...
CVE-2024-33595
Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor.This issue affects Master Addons for Elementor: from n/a through 2.0.5.4.1...
CVE-2024-4265
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in versions up to, and including, 2.0.5.9 due to insufficient input sanitization and output escaping. This makes ...
CVE-2024-9618
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 2.0.7.2 due to insufficient input sanitization and output...
CVE-2025-0433
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 2.0.7.1 due to insufficient input sanitization and output...
CVE-2025-0433
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 2.0.7.1 due to insufficient input sanitization and output...
CVE-2025-0433 Master Addons <= 2.0.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 2.0.7.1 due to insufficient input sanitization and output...
CVE-2025-0433
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations WordPress plugin is vulnerable to Stored Cross-Site Scripting via the id parameter in versions up to 2.0.7.1. Exploitation requires authentication at Contributor level or higher and can in...
CVE-2025-0433 Master Addons <= 2.0.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 2.0.7.1 due to insufficient input sanitization and output...
CVE-2024-9618 Master Addons <= 2.0.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 2.0.7.2 due to insufficient input sanitization and output...
CVE-2024-9618
CVE-2024-9618: Master Addons for Elementor (WordPress) is affected by a Stored Cross-Site Scripting vulnerability in multiple widgets, present in all versions up to 2.0.7.2. Root cause is insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authen...