Lucene search
K

409 matches found

ptsecurity
ptsecurity
added 2025/05/31 12:0 a.m.5 views

PT-2025-23378 · Elementor · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Element Pack Addons for Elementor versions up to, and including, 5.11.2 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping, specifically via the marker content...

6.4CVSS5.7AI score0.00186EPSS
Exploits0References5
patchstack
patchstack
added 2025/05/30 9:18 p.m.7 views

WordPress Element Pack Elementor Addons plugin <= 5.11.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Robert DeVore in WordPress Plugin Element Pack Elementor Addons versions = 5.11.2...

6.4CVSS5.5AI score0.00186EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2025/05/23 10:17 a.m.11 views

CVE-2024-1429

The Element Pack Elementor Addons Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tablink’ attribute of the Panel Slider widget in all versions up to, and...

6.4CVSS6.1AI score0.00323EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 10:12 a.m.13 views

CVE-2024-2966

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.5.6 via the elementpackajaxsearch function. This makes it possible for...

7.5CVSS7AI score0.00492EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 10:3 a.m.5 views

CVE-2024-30185

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through 5.5.3...

6.5CVSS8.6AI score0.00336EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 10:2 a.m.14 views

CVE-2024-24840

Missing Authorization vulnerability in BdThemes Element Pack Elementor Addons.This issue affects Element Pack Elementor Addons: from n/a through 5.4.11...

5.4CVSS8.6AI score0.00288EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:24 a.m.5 views

CVE-2024-3925

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Creative Button widget in all versions up to, and including, 5.6.11 due to insufficient input sanitization a...

6.4CVSS6.1AI score0.00341EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:7 a.m.3 views

CVE-2024-2455

The Element Pack - Addon for Elementor Page Builder WordPress Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget wrapper link URL in all versions up to, and including, 7.9.0 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS5AI score0.00322EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:2 a.m.3 views

CVE-2024-4360

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 5.7.6 due to insufficient input sanitization and output escapi...

6.4CVSS6.1AI score0.00446EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:1 a.m.5 views

CVE-2024-3927

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Form Submission Admin Email Bypass in all versions up to, and including, 5.6.3. This is due to the plugin not properly checking for all variations of an...

5.3CVSS5.9AI score0.00425EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:0 a.m.8 views

CVE-2024-47392

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through = 5.7.5...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:37 a.m.5 views

CVE-2024-32572

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through 5.6.0...

6.5CVSS5.2AI score0.00289EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:30 a.m.6 views

CVE-2024-5554

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘onclickevent’ parameter in all versions up to, and including, 5.6.11 due to insufficient input sanitization and outp...

6.4CVSS6.1AI score0.00337EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:27 a.m.16 views

CVE-2024-5555

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘social-link-title’ parameter in all versions up to, and including, 5.6.5 due to insufficient input sanitization and...

6.4CVSS5.9AI score0.00499EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:23 a.m.4 views

CVE-2024-1428

The Element Pack Elementor Addons Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘elementpackwrapperlink’ attribute of the Trailer Box widget in all versions up...

6.4CVSS5.7AI score0.00434EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:23 a.m.5 views

CVE-2024-1426

The Element Pack Elementor Addons Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ attribute of the Price List widget in all versions up to, and including,...

6.4CVSS5AI score0.00323EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:20 a.m.6 views

CVE-2024-10310

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom Gallery Widget 'imagetitle' parameter in all versions up to, and including, 5.10.1 due to insufficient input...

6.4CVSS5.1AI score0.00244EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:19 a.m.4 views

CVE-2024-10493

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows WordPress plugin before 5.10.3 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the...

5.4CVSS5.5AI score0.00349EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 8:15 a.m.6 views

CVE-2024-9868

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate Widget 'url' parameter in all versions up to, and including, 5.10.1 due to insufficient input sanitization a...

5.4CVSS5.1AI score0.00256EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:15 a.m.6 views

CVE-2024-9657

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' parameter in all versions up to, and including, 5.10.2 due to insufficient input sanitization and output...

6.5CVSS5.1AI score0.00336EPSS
Exploits0References1
Rows per page
Query Builder