PT-2025-30705 · WordPress · Elementskit Elementor Addons/Templates

Name of the Vulnerable Software and Affected Versions: ElementsKit Elementor Addons and Templates versions prior to 3.5.3 Description: The ElementsKit Elementor Addons and Templates plugin for WordPress is susceptible to Stored Cross-Site Scripting via the URL attribute of a custom widget due to...

CVE-2024-11180

CVE-2024-11180 affects ElementsKit Elementor Addons and Templates (Elementor) with a Stored Cross-Site Scripting vulnerability in the ekit_countdown_timer_title parameter, exploitable on all versions up to 3.4.7 due to insufficient input sanitization/output escaping. Attackers with Contributor+ p...

WordPress ElementsKit Elementor addons plugin <= 3.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin ElementsKit Elementor addons Lite versions = 3.2.9...

WordPress plugin ElementsKit Elementor addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

CVE-2024-1239

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blog post read more button in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...