WordPress Premium Addons for Elementor plugin <= 4.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by Asaf Mozes in WordPress Plugin Premium Addons for Elementor versions = 4.11.8...

WordPress Premium Blocks – Gutenberg Blocks for WordPress Plugin <= 2.1.33 is vulnerable to Cross Site Scripting (XSS)

Software Premium Blocks – Gutenberg Blocks for WordPress Type Plugin Vulnerable versions = 2.1.33 Fixed in 2.1.34 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47368 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID f6e2745653a5 Credits João Pedro ...

WordPress Premium Addons for Elementor Plugin <= 4.10.52 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.52 Fixed in 4.10.53 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8681 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID 8d0783303dbc Credits zer0gh0st...

WordPress Premium Addons for Elementor Plugin <= 4.10.38 is vulnerable to Broken Access Control

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.38 Fixed in 4.10.39 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6824 Patch priority Low CVSS severity Low 4.3 Developer LeapWorx PSID 316a5e4aa224 Credits stealthcopter Requir...

WordPress Premium Addons for Elementor Plugin <= 4.10.34 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.34 Fixed in 4.10.35 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37922 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID 8d2ddf127555 Credits wcraft Required privilege...

WordPress Premium Addons for Elementor Plugin <= 4.10.24 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.24 Fixed in 4.10.25 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2666 Patch priority Low CVSS severity Low 5.4 Developer LeapWorx PSID 46b32077f295 Credits wesley wcraft...

WordPress Premium Addons for Elementor Plugin <= 4.10.27 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.27 Fixed in 4.10.28 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2665 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID cacdff610a83 Credits Dau Hoang Tai...

WordPress Premium Addons for Elementor Plugin <= 4.10.16 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.16 Fixed in 4.10.17 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29106 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID 89d8d110c101 Credits Khalid Yusuf Required...

WordPress Premium Addons for Elementor Plugin <= 4.10.21 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.21 Fixed in 4.10.22 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1680 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID dc52f582d20e Credits Webbernaut...

WordPress Premium Addons for Elementor Plugin <= 4.10.18 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.18 Fixed in 4.10.19 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1242 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID 681ce22404a9 Credits Nikolas Requir...