55 matches found
CVE-2024-0954
The CVE-2024-0954 entry concerns the WordPress plugin Essential Addons for Elementor (WPDeveloper). A Stored Cross-Site Scripting vulnerability exists in the editing context via the data-eael-wrapper-link wrapper, affecting all versions up to and including 5.9.7 due to insufficient input sanitiza...
CVE-2024-1537
CVE-2024-1537 impacts the WordPress plugin Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s Data Table widget, caused by insufficient input sanitization and output escaping on ...
CVE-2025-6244
CVE-2025-6244 affects the WordPress plugin “Essential Addons for Elementor” (Lite) up to version 6.1.19. The vulnerability is a Stored Cross‑Site Scripting (XSS) flaw in the Calendar and Business Reviews widgets caused by insufficient input sanitization and output escaping. Attacker capability re...
CVE-2025-64352
The CVE-2025-64352 entry concerns WordPress WPDeveloper Essential Addons for Elementor (essential-addons-for-elementor-lite) up to version 6.2.4 with a Missing Authorization / Broken Access Control vulnerability due to misconfigured access controls. Exploitation could compromise integrity (I: LOW...
CVE-2025-69092
CVE-2025-69092 is a WordPress vulnerability in Essential Addons for Elementor (Lite) that enables an authenticated (Contributor+) Stored Cross-Site Scripting (XSS) via input in versions