55 matches found
CVE-2024-0586
The CVE-2024-0586 entry concerns the WordPress plugin Essential Addons for Elementor (WPDeveloper) up to version 5.9.4, vulnerable to Stored Cross-Site Scripting via the Login/Register element due to insufficient input sanitization and output escaping on the custom login URL. The vulnerability pe...
CVE-2024-1537
CVE-2024-1537 impacts the WordPress plugin Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s Data Table widget, caused by insufficient input sanitization and output escaping on ...
CVE-2025-6244
CVE-2025-6244 affects the WordPress plugin “Essential Addons for Elementor” (Lite) up to version 6.1.19. The vulnerability is a Stored Cross‑Site Scripting (XSS) flaw in the Calendar and Business Reviews widgets caused by insufficient input sanitization and output escaping. Attacker capability re...
CVE-2025-64352
The CVE-2025-64352 entry concerns WordPress WPDeveloper Essential Addons for Elementor (essential-addons-for-elementor-lite) up to version 6.2.4 with a Missing Authorization / Broken Access Control vulnerability due to misconfigured access controls. Exploitation could compromise integrity (I: LOW...
CVE-2025-69092
CVE-2025-69092 is a WordPress vulnerability in Essential Addons for Elementor (Lite) that enables an authenticated (Contributor+) Stored Cross-Site Scripting (XSS) via input in versions