Lucene search
+L

54 matches found

CNNVD
CNNVD
added 2026/01/07 12:0 a.m.5 views

WordPress plugin The Plus Addons for Elementor Pro 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security vulnerability exists ...

6.5CVSS6.5AI score0.00174EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/06 2:5 p.m.5 views

CVE-2024-23511

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.3.3...

6.5CVSS6.4AI score0.00128EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/05 1:33 p.m.3 views

EUVD-2024-21006

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.3.3...

6.5CVSS7.9AI score0.00128EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.3 views

PT-2026-1283

Name of the Vulnerable Software and Affected Versions The Plus Addons for Elementor Page Builder Lite versions through 5.3.3 Description The Plus Addons for Elementor Page Builder Lite is susceptible to a DOM-Based Cross-site Scripting issue due to improper input neutralization during web page...

6.5CVSS6.3AI score0.00128EPSS
Exploits0References3
CVE
CVE
added 2025/07/01 7:10 p.m.16 views

CVE-2025-46259

The CVE-2025-46259 entry describes a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin The Plus Addons for Elementor Pro, affecting versions prior to 6.3.7. The issue stems from incorrectly configured access control security levels that could allow unauthorized a...

5.4CVSS5.1AI score0.00251EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:22 a.m.4 views

CVE-2024-3199

The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...

6.4CVSS5AI score0.00531EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:10 a.m.6 views

CVE-2024-5341

The The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' attribute of the Heading Title widget in all versions up to, and including, 5.5.4 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS4.9AI score0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:4 a.m.6 views

CVE-2024-3718

The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's widgets all versions up to, and including, 5.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6.1AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:1 a.m.8 views

CVE-2024-4482

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Countdown' widget in all versions up to, and including, 5.6.1 due to insufficient input sanitization and output escaping...

6.4CVSS6AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:21 a.m.3 views

CVE-2024-10365

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.3 via the render function in modules/widgets/tpcarouselanything.php,...

4.3CVSS5.7AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:16 a.m.8 views

CVE-2024-35709

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through = 5.5.4...

6.5CVSS5.9AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:3 p.m.6 views

CVE-2021-24359

The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.11 did not properly check that a user requesting a password reset was the legitimate user, allowing an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site. Such issue could b...

6.1CVSS6.7AI score0.02295EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:50 p.m.8 views

CVE-2021-4332

The Plus Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in versions up to, and including 4.1.9 pro and 2.0.6 free. The plugin has a feature to add an "Info Box" to an Elementor created page. This Info Box can include an SVG image for the box. Unfortunately, the...

6.5CVSS6AI score0.00796EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:21 p.m.9 views

CVE-2021-24351

The theplusmorepost AJAX action of The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.12 did not properly sanitise some of its fields, leading to a reflected Cross-Site Scripting exploitable on both unauthenticated and authenticated users...

6.1CVSS6.2AI score0.02483EPSS
Exploits2References1
NVD
NVD
added 2025/03/08 9:15 a.m.12 views

CVE-2025-1287

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown, Syntax Highlighter, and Page Scroll widgets in all versions up to, and including, 6.2.2 due to insufficient...

6.4CVSS0.00278EPSS
Exploits0References5
OSV
OSV
added 2024/11/01 3:15 p.m.6 views

CVE-2024-43932

Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.6.2...

8.8CVSS5.8AI score0.00561EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/10 8:31 p.m.6 views

WordPress The Plus Addons for Elementor plugin <= 5.6.11 - Authenticated (Contributor+) Sensitive Information Exposure

Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by Ankit Patel in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.6.11...

4.3CVSS6.7AI score0.00378EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/26 9:30 a.m.8 views

WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.6.2...

8.8CVSS6.8AI score0.00561EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/08/22 3:15 a.m.3 views

CVE-2024-5583

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the carouseldirection parameter of testimonials widget in all versions up to, and including, 5.6.2 due to insufficient input...

6.4CVSS6.1AI score0.00248EPSS
Exploits0References3
OSV
OSV
added 2024/08/20 4:15 a.m.7 views

CVE-2024-6575

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘reswidthvalue’ parameter within the plugin's tppagescroll widget in all versions up to, and including, 5.6.2 due to...

5.4CVSS5.9AI score0.00311EPSS
Exploits0References4
Rows per page
Query Builder