386 matches found
CVE-2024-24831
CVE-2024-24831 affects WordPress Premium Addons for Elementor (Leap13 Premium Addons for Elementor) and is a cross-site scripting (XSS) vulnerability due to improper neutralization of input during web page generation. Multiple sources identify the vulnerable range as Premium Addons for Elementor ...
WordPress Premium Addons for Elementor Plugin <= 4.10.16 is vulnerable to Cross Site Scripting (XSS)
Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.16 Fixed in 4.10.17 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24831 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID 69f3ad862bdd Credits Khalid Yusuf Required...
CVE-2023-37868
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0...
Design/Logic Flaw
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0...
CVE-2023-37868 WordPress Premium Addons PRO Plugin <= 2.9.0 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0...
CVE-2023-37868
CVE-2023-37868 concerns WordPress Premium Addons PRO (Leap13 Premium Addons PRO). Affected: Premium Addons PRO versions up to and including 2.9.0. Description: Exposure of sensitive information to an unauthorized actor. Root cause/source indicates information disclosure vulnerability in the plugi...
WordPress Plugin Premium Addons for Elementor Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...
WordPress Premium Addons PRO Plugin <= 2.9.0 is vulnerable to Broken Access Control
Software Premium Addons PRO Type Plugin Vulnerable versions = 2.9.0 Fixed in 2.9.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-37869 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 09e72b9c3acf Credits Rafie Muhammad Patchstack...
WordPress Premium Addons PRO Plugin <= 2.9.0 is vulnerable to Sensitive Data Exposure
Software Premium Addons PRO Type Plugin Vulnerable versions = 2.9.0 Fixed in 2.9.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-37868 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 61bc62d7d465 Credits Rafie Muhammad...
CVE-2023-34012
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Premium Addons for Elementor Premium Addons PRO plugin = 2.8.24 versions...
CVE-2023-34012
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Premium Addons for Elementor Premium Addons PRO plugin = 2.8.24 versions...
CVE-2023-34012
CVE-2023-34012 affects Premium Addons for Elementor Premium Addons PRO (WordPress) up to version 2.8.24, with an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability. The issue is fixed in version 2.8.25; update to that version or apply vendor guidance. The vulnerability is not desc...
CVE-2023-34012 WordPress Premium Addons PRO Plugin <= 2.8.24 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Premium Addons for Elementor Premium Addons PRO plugin = 2.8.24 versions...
CVE-2023-34012 WordPress Premium Addons PRO Plugin <= 2.8.24 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Premium Addons for Elementor Premium Addons PRO plugin = 2.8.24 versions...
PT-2023-24631 · Unknown · Premium Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor Premium Addons PRO plugin versions = 2.8.24 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scrip...
WordPress Plugin Premium Addons PRO 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Premium Addons PRO Plugin <= 2.8.24 is vulnerable to Cross Site Scripting (XSS)
Software Premium Addons PRO Type Plugin Vulnerable versions = 2.8.24 Fixed in 2.8.25 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-34012 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3e100a687a90 Credits Rafie Muhamm...
WordPress Premium Addons for Elementor plugin <= 4.5.1 - Arbitrary Blog Option Update vulnerability
Arbitrary Blog Option Update vulnerability discovered by WPScanTeam in WordPress Premium Addons for Elementor plugin versions = 4.5.1. Solution Update the WordPress Premium Addons for Elementor plugin to the latest available version at least 4.5.2...
WordPress Premium Addons for Elementor Plugin < 4.2.8 XSS Vulnerability
The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
CVE-2021-24257
The “Premium Addons for Elementor” WordPress Plugin before 4.2.8 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...