149 matches found
CVE-2026-4790
The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customsvg' parameter in versions up to, and including, 4.11.70 due to insufficient input sanitization and output escaping. This makes it possible fo...
CVE-2026-4790 Premium Addons for Elementor <= 4.11.70 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'custom_svg' Parameter
The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customsvg' parameter in versions up to, and including, 4.11.70 due to insufficient input sanitization and output escaping. This makes it possible fo...
WordPress Premium Addons for Elementor plugin <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style' vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'arrowstyle' vulnerability discovered by stealthcopter in WordPress Plugin Premium Addons for Elementor versions = 4.10.28...
WordPress plugin Premium Addons for Elementor has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...
WordPress Premium Addons for Elementor plugin <= 4.11.63 - Settings Change vulnerability
Settings Change vulnerability discovered by Phat RiO in WordPress Plugin Premium Addons for Elementor versions = 4.11.63...
CVE-2025-68494
The CVE-2025-68494 entry describes an information-disclosure vulnerability in the WordPress plugin “Premium Addons for Elementor” (Leap13 Premium Addons for Elementor) affecting versions up to and including 4.11.53. The flaw allows retrieval of embedded sensitive data via an exposure of sensitive...
CVE-2025-68494 WordPress Premium Addons for Elementor plugin <= 4.11.53 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Premium Addons for Elementor: from n/a through = 4.11.53...
CVE-2025-14163
The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...
WordPress plugin Premium Addons for Elementor 安全漏洞
WordPress Premium Addons for Elementor Plugin is a premium extension plugin developed for the Elementor page builder designed for WordPress websites. WordPress Premium Addons for Elementor Plugin suffers from an information disclosure vulnerability that stems from the exposure of sensitive system...
CVE-2025-14163
The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...
CVE-2025-14163
The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...
CVE-2025-14163
CVE-2025-14163 : The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation in insert_inner_template. This enables unauthenticated attackers to forge requests and cause creation of arbitrary Elementor templates, by tricking a ...
CVE-2025-14163 Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template'
The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...
CVE-2025-14155
CVE-2025-14155 affects Premium Addons for Elementor – Powerful Elementor Templates & Widgets (WordPress). Root cause: missing capability check in get_template_content across versions up to 4.11.53, allowing unauthenticated users to view content of private/draft templates. Impact: unauthenticated ...
PT-2025-52732
Name of the Vulnerable Software and Affected Versions Premium Addons for Elementor versions prior to 4.11.54 Description The Premium Addons for Elementor plugin for WordPress is susceptible to Cross-Site Request Forgery. This is caused by a lack of nonce validation within the insert inner templat...
EUVD-2021-11171
Malware in sbrugna...
EUVD-2024-47580
Malicious code in bioql PyPI...
EUVD-2024-46752
Malicious code in bioql PyPI...
EUVD-2024-44013
Malicious code in bioql PyPI...
EUVD-2024-32759
Malicious code in bioql PyPI...