CVE-2024-10868 Enter Addons – Ultimate Template Builder for Elementor <= 2.1.9 - Authenticated (Contributor+) Post Disclosure

The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.1.9 via the Advanced Tabs widget due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...

CVE-2024-10868 Enter Addons – Ultimate Template Builder for Elementor <= 2.1.9 - Authenticated (Contributor+) Post Disclosure

The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.1.9 via the Advanced Tabs widget due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...

WordPress Enter Addons – Ultimate Template Builder for Elementor plugin <= 2.1.9 - Authenticated (Contributor+) Post Disclosure vulnerability

Authenticated Contributor+ Post Disclosure vulnerability discovered by Francesco Carlucci in WordPress Plugin Enter Addons versions = 2.1.9...

PT-2024-16601 · WordPress · Enter Addons – Ultimate Template Builder For Elementor

Name of the Vulnerable Software and Affected Versions: The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress versions up to, and including, 2.1.9 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private or...

CVE-2024-47625 WordPress Enter Addons – Ultimate Template Builder for Elementor plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themelooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a through = 2.1.8...

CVE-2024-47625 WordPress Enter Addons – Ultimate Template Builder for Elementor plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThemeLooks Enter Addons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.8...

WordPress Enter Addons – Ultimate Template Builder for Elementor plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Enter Addons versions = 2.1.8...

CVE-2024-7611

The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' attribute of the Events Card widget in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied...

CVE-2024-37263 WordPress Enter Addons – Ultimate Template Builder for Elementor plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThemeLooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.6...