Lucene search
K
ElementinvaderElementinvader Addons For Elementor

10 matches found

CVE
CVE
added 2025/01/24 5:25 p.m.67 views

CVE-2025-24729

CVE-2025-24729 concerns the WordPress plugin ElementInvader Addons for Elementor, with Stored XSS in ElementInvader Addons for Elementor <= 1.3.3. The vulnerability stems from improper input neutralization during web page generation, allowing stored cross-site scripting. Public documents confi...

6.5CVSS7.2AI score0.00304EPSS
CVE
CVE
added 2024/07/20 7:30 a.m.59 views

CVE-2024-38705

CVE-2024-38705 affects ElementInvader Addons for Elementor (WordPress). The vulnerability is a Stored XSS caused by improper neutralization of input during web page generation, affecting ElementInvader Addons for Elementor versions up to and including 1.2.4. Mitigation: upgrade to a version later...

6.5CVSS6.5AI score0.00261EPSS
CVE
CVE
added 2025/01/24 5:24 p.m.59 views

CVE-2025-24618

CVE-2025-24618 is a Missing Authorization vulnerability affecting the WordPress plugin ElementInvader Addons for Elementor (versions up to 1.3.1). The connected sources describe a broken access control vulnerability allowing exploitation of improperly configured authorization, with no public expl...

8.8CVSS7.2AI score0.00481EPSS
CVE
CVE
added 2024/03/16 1:55 a.m.58 views

CVE-2024-2308

CVE-2024-2308 affects the ElementInvader Addons for Elementor WordPress plugin. The vulnerability is a Stored XSS via the EliSlider button link in all versions up to 1.2.2, caused by insufficient input sanitization and output escaping. Affected: ElementInvader Addons for Elementor (WordPress plug...

6.4CVSS7.7AI score0.00323EPSS
CVE
CVE
added 2024/12/12 5:24 a.m.54 views

CVE-2024-12059

CVE-2024-12059 : ElementInvader Addons for Elementor (WordPress) is vulnerable to Sensitive Information Exposure in all versions up to 1.3.1 via the eli_option_value shortcode. An authenticated attacker with Contributor-level access (or higher) can read arbitrary options from the wp_options table...

4.3CVSS6.8AI score0.003EPSS
CVE
CVE
added 2025/01/24 5:24 p.m.54 views

CVE-2025-24578

CVE-2025-24578 affects ElementInvader Addons for Elementor (WordPress plugin). The vulnerability is a DOM-based XSS caused by improper input neutralization during web page generation, impacting ElementInvader Addons for Elementor versions from n/a through 1.3.0. The Red Hat/ENISA and Patchstack e...

6.5CVSS7.2AI score0.0036EPSS
CVE
CVE
added 2025/01/15 3:23 p.m.52 views

CVE-2025-22786

CVE-2025-22786 corresponds to a Path Traversal vulnerability in ElementInvader Addons for Elementor. The issue enables PHP Local File Inclusion via authenticated access (Contributor+ level) in ElementInvader Addons for Elementor

8.8CVSS7.2AI score0.00663EPSS
CVE
CVE
added 2024/10/16 5:31 a.m.50 views

CVE-2024-9888

The CVE-2024-9888 entry concerns the WordPress plugin ElementInvader Addons for Elementor. A Stored Cross-Site Scripting (XSS) vulnerability exists in the plugin’s contact form widget redirect URL due to insufficient input sanitization and output escaping on user-supplied attributes. Affected ver...

5.4CVSS5.3AI score0.00256EPSS
CVE
CVE
added 2024/10/19 6:42 a.m.47 views

CVE-2024-9889

CVE-2024-9889 affects ElementInvader Addons for Elementor (WordPress). The vulnerability allows authenticated attackers with contributor-level access and above to perform Sensitive Information Exposure via the Page Loader widget, enabling viewing of private/draft/password-protected posts, pages, ...

4.3CVSS4.7AI score0.00335EPSS
CVE
CVE
added 2024/10/05 1:20 p.m.45 views

CVE-2024-47630

ElementInvader Addons for Elementor (WordPress plugin) contains CVE-2024-47630: Stored XSS due to improper input neutralization during web page generation. Affected versions are

6.5CVSS5.9AI score0.00241EPSS