CVE-2024-6166

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to time-based SQL Injection via the ‘addonsorder’ parameter in all versions up to, and including, 1.5.112 due to insufficient escaping on the user supplied parameter and lack of sufficient...

PT-2024-37426 · WordPress · Unlimited Elements For Elementor

Name of the Vulnerable Software and Affected Versions: The Unlimited Elements For Elementor plugin for WordPress versions up to, and including, 1.5.112 Description: The issue is related to time-based SQL Injection via the addons order parameter due to insufficient escaping on the user-supplied...