CVE-2025-46258 WordPress Element Pack Pro Plugin < 8.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in BdThemes Element Pack Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Pack Pro: from n/a before 8.0.0...

CVE-2025-46257 WordPress Element Pack Pro Plugin < 8.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in BdThemes Element Pack Pro allows Cross Site Request Forgery.This issue affects Element Pack Pro: from n/a before 8.0.0...

WordPress Element Pack Elementor Addons plugin <= 5.10.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Lightbox Widget vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Lightbox Widget vulnerability discovered by zer0gh0st in WordPress Plugin Element Pack Elementor Addons versions = 5.10.5...

WordPress Element Pack Elementor Addons Plugin <= 5.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Element Pack Elementor Addons Type Plugin Vulnerable versions = 5.6.5 Fixed in 5.6.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5555 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f61d9ad47cc9 Credits João Pedro...

WordPress Element Pack Pro plugin < 7.19.3 - Arbitrary File Read and Phar Deserialization vulnerability

Arbitrary File Read and Phar Deserialization vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Element Pack Pro versions 7.19.3...

WordPress Element Pack Pro Plugin <= 7.7.4 is vulnerable to Arbitrary File Download

Software Element Pack Pro Type Plugin Vulnerable versions = 7.7.4 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Download CVE CVE-2024-33568 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 6b262cd1989a Credits Rafie Muhammad Patchstack...

CVE-2024-32572 WordPress Element Pack Elementor Addons plugin <= 5.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through 5.6.0...

WordPress Plugin Element Pack Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Plugin Element Pack Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Element Pack Elementor Addons Plugin <= 5.5.6 is vulnerable to Sensitive Data Exposure

Software Element Pack Elementor Addons Type Plugin Vulnerable versions = 5.5.6 Fixed in 5.6.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-2966 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 29f45f5357e3 Credits Krzysztof...

WordPress Element Pack Elementor Addons Plugin <= 5.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Element Pack Elementor Addons Type Plugin Vulnerable versions = 5.3.2 Fixed in 5.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0837 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3b14c4647a07 Credits Webbernaut...

WordPress Plugin Element Pack Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Element Pack Elementor Addons Plugin <= 5.4.11 is vulnerable to Broken Access Control

Software Element Pack Elementor Addons Type Plugin Vulnerable versions = 5.4.11 Fixed in 5.4.12 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-24840 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 61b5b426744b Credits Khalid Yusuf...