WordPress Essential Addons for Elementor plugin <= 6.5.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Info Box Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Info Box Widget vulnerability discovered by knani alaaeddine iwd in WordPress Plugin Essential Addons for Elementor versions = 6.5.9...

WordPress Essential Addons for Elementor plugin <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Filterable Gallery Widget vulnerability discovered by zer0gh0st in WordPress Plugin Essential Addons for Elementor versions = 6.0.3...

CVE-2025-64352

The CVE-2025-64352 entry concerns WordPress WPDeveloper Essential Addons for Elementor (essential-addons-for-elementor-lite) up to version 6.2.4 with a Missing Authorization / Broken Access Control vulnerability due to misconfigured access controls. Exploitation could compromise integrity (I: LOW...

CVE-2025-39590 WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.1.9...

WordPress Essential Addons for Elementor Pro Plugin <= 5.8.15 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Pro Type Plugin Vulnerable versions = 5.8.15 Fixed in 5.8.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5612 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e15428c7c929 Credits...

WordPress Essential Addons for Elementor Plugin <= 5.9.19 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.19 Fixed in 5.9.20 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4275 Patch priority Low CVSS severity Low 6.5 Developer WPDeveloper PSID cf3506099f76 Credits Ngô Thiên A...

WordPress Essential Addons for Elementor plugin <= 5.9.17 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Essential Addons for Elementor versions = 5.9.17...

WordPress Essential Addons for Elementor Plugin <= 5.9.7 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.7 Fixed in 5.9.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0954 Patch priority Low CVSS severity Low 6.5 Developer WPDeveloper PSID a111b892d269 Credits Webbernaut...

WordPress Essential Addons for Elementor Plugin <= 5.8.8 is vulnerable to Privilege Escalation

Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.8.8 Fixed in 5.8.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-41955 Patch priority High CVSS severity High 8.8 Developer WPDeveloper PSID 80be75758179...

CVE-2023-32243 WordPress Essential Addons for Elementor Plugin 5.4.0-5.7.1 is vulnerable to Privilege Escalation

Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1...

WordPress Essential Addons for Elementor Lite 跨站脚本漏洞

WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Essential Addons for Elementor Lite Plugin versions prior to 4.5.4. An attacker can exploit this vulnerability to launch a cross-site scripting attack...