8 matches found
CVE-2025-14274
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...
CVE-2025-14274
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...
CVE-2025-14274 Unlimited Elements for Elementor <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...
CVE-2025-14274 Unlimited Elements for Elementor <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...
CVE-2025-14274
The CVE-2025-14274 affects the WordPress plugin Unlimited Elements for Elementor. A Stored Cross-Site Scripting (XSS) flaw exists in the Border Hero widget’s Button Link field due to insufficient input sanitization and output escaping, vulnerable in versions up to 2.0.1. An authenticated attacker...
CVE-2025-14274
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...
PT-2026-5773
Name of the Vulnerable Software and Affected Versions Unlimited Elements for Elementor plugin versions up to 2.0.1 Description The Unlimited Elements for Elementor plugin for WordPress has a Stored Cross-Site Scripting issue. This is caused by inadequate input sanitization and output escaping of...
WordPress Unlimited Elements for Elementor plugin <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Border Hero Widget vulnerability discovered by zer0gh0st in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 2.0.1...