4 matches found
WordPress Exclusive Addons for Elementor plugin <= 2.7.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Timer Widget vulnerability discovered by Webbernaut in WordPress Plugin Exclusive Addons Elementor versions = 2.7.9.1...
CVE-2025-4783
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML attributes of the Countdown Timer Widget in all versions up to, and including, 2.7.9.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-4783 Exclusive Addons for Elementor <= 2.7.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML attributes of the Countdown Timer Widget in all versions up to, and including, 2.7.9.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-4783
CVE-2025-4783 concerns the WordPress plugin Exclusive Addons for Elementor. It describes a Stored Cross-Site Scripting vulnerability in the Countdown Timer Widget present in all versions up to 2.7.9.1, caused by insufficient input sanitization and output escaping. The issue allows authenticated a...