CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2 days ago•4 views

CVE-2026-45214

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xpro Elementor Addons: from n/a through = 1.5.1...

8.5CVSS5.6AI score0.00033EPSS

EUVD•added 2026/05/27 9:27 a.m.•9 views

EUVD-2025-209964

Vulnrichment•added 2026/05/27 9:27 a.m.•13 views

CVE-2025-0898 Xpro Elementor Addons - Pro <= 1.4.7 - Authenticated (Contributor+) Arbitrary File Read via Draw SVG

CVE•added 2026/05/27 9:27 a.m.•12 views

CVE-2025-0898

The CVE-2025-0898 affects the WordPress plugin Xpro Elementor Addons - Pro (versions up to 1.4.7). The vulnerability, exposed via the Draw SVG widget, allows an authenticated attacker with Contributor-level access (or higher) to perform Arbitrary File Reading on the server, exposing sensitive fil...

Cvelist•added 2026/05/27 9:27 a.m.•26 views

CVE-2025-0898 Xpro Elementor Addons - Pro <= 1.4.7 - Authenticated (Contributor+) Arbitrary File Read via Draw SVG

6.5CVSS0.00034EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•6 views

PT-2026-43632

Patchstack•added 2026/05/26 8:55 p.m.•5 views

Exploits0References3

WordPress Xpro Elementor Addons - Pro plugin <= 1.4.7 - Pro <= 1.4.7 - Authenticated (Contributor+) Arbitrary File Read vulnerability

WordPress Xpro Elementor Addons - Pro plugin = 1.4.7 - Pro = 1.4.7 - Authenticated Contributor+ Arbitrary File Read vulnerability discovered by stealthcopter in WordPress Plugin Xpro Elementor Addons - Pro versions = 1.4.7...

6.5CVSS5.8AI score0.00034EPSS

Exploits0References1Affected Software1

EUVD•added 2026/05/12 12:32 p.m.•8 views

EUVD-2026-29456

NVD•added 2026/05/12 11:16 a.m.•9 views

CVE-2026-45214

8.5CVSS0.00033EPSS

ATTACKERKB•added 2026/05/12 11:2 a.m.•7 views

CVE-2026-45214

Cvelist•added 2026/05/12 11:2 a.m.•35 views

CVE-2026-45214 WordPress Xpro Elementor Addons plugin <= 1.5.1 - SQL Injection vulnerability

8.5CVSS0.00033EPSS

Vulnrichment•added 2026/05/12 11:2 a.m.•6 views

CVE-2026-45214 WordPress Xpro Elementor Addons plugin <= 1.5.1 - SQL Injection vulnerability

CVE•added 2026/05/12 11:2 a.m.•14 views

CVE-2026-45214

CVE-2026-45214 : SQL injection vulnerability in the WordPress plugin “Xpro Elementor Addons” (xpro-elementor-addons) up to version

CNNVD•added 2026/05/12 12:0 a.m.•6 views

WordPress plugin Xpro Elementor Addons SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.5CVSS5.9AI score0.00033EPSS

Positive Technologies•added 2026/05/12 12:0 a.m.•5 views

PT-2026-40014

RedhatCVE•added 2026/01/23 9:17 p.m.•5 views

CVE-2025-69312

Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Upload a Web Shell to a Web Server.This issue affects Xpro Elementor Addons: from n/a through = 1.4.19.1...

9.1CVSS5.4AI score0.00076EPSS

NVD•added 2026/01/22 5:16 p.m.•1 views

CVE-2025-69312

9.1CVSS0.00076EPSS

Vulnrichment•added 2026/01/22 4:52 p.m.•2 views

CVE-2025-69312 WordPress Xpro Elementor Addons plugin <= 1.4.19.1 - Arbitrary File Upload vulnerability

5.9AI score0.00076EPSS

CVE•added 2026/01/22 4:52 p.m.•8 views

CVE-2025-69312

CVE-2025-69312 describes an Unrestricted Upload of File with Dangerous Type in Xpro Elementor Addons (Xpro Addons, 140+ Widgets for Elementor). The flaw allows uploading a Web Shell to the web server, affecting Xpro Elementor Addons versions up to and including 1.4.19.1 (vendor n/a). The issue’s ...

9.1CVSS5.4AI score0.00076EPSS