Happy Addons For Elementor Security Vulnerabilities and Issues — Happy Addons For Elementor CVE List

Lucene search

WedevsHappy Addons For Elementor

9 matches found

CVE•added 2024/04/09 7:15 p.m.•41 views

CVE-2024-2787

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Page Title HTML Tag in all versions up to, and including, 3.10.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated ...

6.4CVSS7.6AI score0.00138EPSS

CVE•added 2024/06/29 7:15 a.m.•40 views

CVE-2024-5790

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ attribute within the plugin's Gradient Heading widget in all versions up to, and including, 3.11.1 due to insufficient input sanitization and output escaping. This makes it possible for au...

6.4CVSS5.5AI score0.00089EPSS

CVE•added 2021/05/17 5:15 p.m.•38 views

CVE-2021-24292

The Happy Addons for Elementor WordPress plugin before 2.24.0, Happy Addons Pro for Elementor WordPress plugin before 1.17.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting(XSS) by lower-privileged users such as contributors, all via a similar method: The “Card” widget a...

5.4CVSS5.4AI score0.00222EPSS

CVE•added 2024/09/25 1:15 a.m.•38 views

CVE-2024-8801

The Happy Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.12.2 via the Content Switcher widget. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data in...

4.3CVSS4.7AI score0.00188EPSS

CVE•added 2025/01/08 7:15 a.m.•34 views

CVE-2024-12852

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ha_cmc_text' parameter of the Happy Mouse Cursor in all versions up to, and including, 3.15.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...

6.4CVSS5.8AI score0.00026EPSS

CVE•added 2023/12/29 1:15 p.m.•33 views

CVE-2023-51676

Server-Side Request Forgery (SSRF) vulnerability in Leevio Happy Addons for Elementor.This issue affects Happy Addons for Elementor: from n/a through 3.9.1.1.

6.5CVSS6.1AI score0.00389EPSS

CVE•added 2024/01/11 9:15 a.m.•31 views

CVE-2023-6632

The Happy Addons for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via DOM in all versions up to and including 3.9.1.1 (versions up to 2.9.1.1 in Happy Addons for Elementor Pro) due to insufficient input sanitization and output escaping. This makes it possible for u...

6.1CVSS6.2AI score0.02521EPSS

CVE•added 2023/09/27 3:19 p.m.•26 views

CVE-2023-41236

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Happy addons Happy Elementor Addons Pro plugin

7.1CVSS6AI score0.00193EPSS

CVE•added 2023/07/10 4:15 p.m.•25 views

CVE-2023-28989

Cross-Site Request Forgery (CSRF) vulnerability in weDevs Happy Addons for Elementor plugin

8.8CVSS6.5AI score0.0007EPSS