6 matches found
CVE-2026-9281
The CVE-2026-9281 affects the WordPress plugin Master Addons For Elementor (Widgets/Extensions/Theme Builder/Popup Builder & Template Kits). Vulnerable component: the jtlma_custom_js (Custom JS Extension) page-setting storage, where insufficient input sanitization and output escaping allow a stor...
CVE-2026-2486
CVE-2026-2486 concerns the WordPress plugin Master Addons For Elementor. The vulnerability is a Stored Cross-Site Scripting (Stored XSS) via the parameter ma_el_bh_table_btn_text in versions up to and including 2.1.1, caused by insufficient input sanitization and output escaping. The exposure all...
CVE-2024-35702
CVE-2024-35702 affects WordPress Master Addons for Elementor plugin (
CVE-2024-33595
Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor.This issue affects Master Addons for Elementor: from n/a through 2.0.5.4.1...
WordPress Master Addons for Elementor Plugin < 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Master Addons for Elementor Type Plugin Vulnerable versions 2.0.3 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1cb661f3de8e Credits Rafie Muhammad...
CVE-2022-0327 Master Addons for Elementor < 1.8.2 - Reflected Cross-Site Scripting
The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the errormessage parameter before outputting it back in the response of the jltmarestrictcontent AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scriptin...