Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

379 matches found

Nuclei
Nucleiadded 8 hours ago10 views

Premium Addons for Elementor - Unauthenticated Information Disclosure

Premium Addons for Elementor plugin for WordPress version 4.11.53 and below contains an unauthenticated information disclosure vulnerability.The vulnerability exists due to a missing authorization check in the gettemplatecontent AJAX handler, allowing unauthenticated attackers to retrieve private...

5.3CVSS5.2AI score0.00715EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/05/04 8:21 p.m.20 views

CVE-2026-4790

The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customsvg' parameter in versions up to, and including, 4.11.70 due to insufficient input sanitization and output escaping. This makes it possible fo...

5.4CVSS6AI score0.00137EPSS
Exploits0References1
NVD
NVDadded 2026/05/02 12:16 p.m.11 views

CVE-2026-4790

The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customsvg' parameter in versions up to, and including, 4.11.70 due to insufficient input sanitization and output escaping. This makes it possible fo...

5.4CVSS0.00137EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/02 11:16 a.m.50 views

CVE-2026-4790 Premium Addons for Elementor <= 4.11.70 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'custom_svg' Parameter

The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customsvg' parameter in versions up to, and including, 4.11.70 due to insufficient input sanitization and output escaping. This makes it possible fo...

5.4CVSS0.00137EPSS
Exploits0References2
CVE
CVEadded 2026/05/02 11:16 a.m.15 views

CVE-2026-4790

CVE-2026-4790 affects the Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress. The issue is stored cross-site scripting via the 'custom_svg' parameter in versions up to and including 4.11.70 , caused by insufficient input sanitization and output escaping. Th...

5.4CVSS6AI score0.00137EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/02 11:16 a.m.21 views

EUVD-2026-26783

The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customsvg' parameter in versions up to, and including, 4.11.70 due to insufficient input sanitization and output escaping. This makes it possible fo...

5.4CVSS6AI score0.00137EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/02 11:16 a.m.4 views

CVE-2026-4790 Premium Addons for Elementor <= 4.11.70 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'custom_svg' Parameter

The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customsvg' parameter in versions up to, and including, 4.11.70 due to insufficient input sanitization and output escaping. This makes it possible fo...

5.4CVSS6AI score0.00137EPSS
Exploits0References2
Patchstack
Patchstackadded 2026/05/01 9:53 p.m.4 views

WordPress Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin <= 4.11.70 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Fernando Mecozzi in WordPress Plugin Premium Addons for Elementor versions = 4.11.70...

5.4CVSS5.8AI score0.00137EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2026/02/02 7:55 p.m.5 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multi Scroll Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multi Scroll Widget vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS7.1AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2026/02/02 7:55 p.m.5 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Messenger Chat Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Messenger Chat Widget vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS7.1AI score0.00413EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2026/02/02 5:50 p.m.7 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Global Badge Module vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Global Badge Module vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS7.1AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2026/02/02 2:53 p.m.6 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Mouse Cursor Module vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Custom Mouse Cursor Module vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS5.3AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2026/02/02 2:52 p.m.4 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Premium Magic Scroll Module vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Premium Magic Scroll Module vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS5.4AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2026/02/02 9:33 a.m.5 views

WordPress Premium Addons for Elementor plugin <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'arrowstyle' vulnerability discovered by stealthcopter in WordPress Plugin Premium Addons for Elementor versions = 4.10.28...

6.4CVSS5.3AI score0.00444EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2026/02/02 9:3 a.m.5 views

WordPress Premium Addons for Elementor plugin <= 4.10.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Global Tooltip vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Global Tooltip vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons for Elementor versions = 4.10.31...

5.4CVSS5.3AI score0.00324EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2026/02/02 9:3 a.m.5 views

WordPress Premium Addons for Elementor plugin <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Fancy Text Widget vulnerability discovered by Webbernaut in WordPress Plugin Premium Addons for Elementor versions = 4.10.31...

6.4CVSS5.3AI score0.00332EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVEadded 2026/01/23 9:17 p.m.7 views

CVE-2025-69300

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premium Addons for Elementor: from n/a through = 4.11.63...

5.4CVSS5.4AI score0.00209EPSS
Exploits0References1
NVD
NVDadded 2026/01/22 5:16 p.m.3 views

CVE-2025-69300

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premium Addons for Elementor: from n/a through = 4.11.63...

5.4CVSS0.00209EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.1 views

CVE-2025-69300

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premium Addons for Elementor: from n/a through = 4.11.63...

5.4CVSS5.3AI score0.00209EPSS
Exploits0References2
CVE
CVEadded 2026/01/22 4:52 p.m.9 views

CVE-2025-69300

The CVE CVE-2025-69300 concerns Leap13 Premium Addons for Elementor (plugin: premium-addons-for-elementor) with affected versions from n/a up to and including 4.11.63. The issue is a Missing Authorization vulnerability caused by incorrectly configured access control security levels, enabling unau...

5.4CVSS5.4AI score0.00209EPSS
Exploits0References1
Rows per page
Query Builder