Xpro Addons For Elementor Security Vulnerabilities and Issues — Xpro Addons For Elementor CVE List

Lucene search

WpxproXpro Addons For Elementor

8 matches found

CVE•added 2025/04/26 5:15 a.m.•60 views

CVE-2024-13808

The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the custom PHP widget. This is due to their only being client side controls when determining who can access the widget. This makes it possible for authenticate...

8.8CVSS8.9AI score0.00389EPSS

CVE•added 2024/05/08 11:15 a.m.•52 views

CVE-2024-34570

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through 1.4.3.

5.9CVSS6.6AI score0.00163EPSS

CVE•added 2025/03/08 12:15 p.m.•49 views

CVE-2024-13649

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 1.4.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...

6.4CVSS5.7AI score0.00057EPSS

CVE•added 2024/08/12 11:15 p.m.•47 views

CVE-2024-43150

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through 1.4.4.2.

6.5CVSS6.4AI score0.0007EPSS

CVE•added 2024/12/09 1:15 p.m.•45 views

CVE-2024-54253

6.5CVSS6.5AI score0.00034EPSS

CVE•added 2024/11/05 11:15 a.m.•40 views

CVE-2024-10319

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the render function in widgets/content-toggle/layout/frontend.php. This makes it possible for authenticated attackers, with Contri...

4.3CVSS4.3AI score0.00092EPSS

CVE•added 2024/08/27 11:15 a.m.•37 views

CVE-2024-7791

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘arrow’ parameter within the Post Grid widget in all versions up to, and including, 1.4.4.3 due to insufficient input sanitization and output escaping. This makes it possibl...

6.4CVSS5.7AI score0.001EPSS

CVE•added 2025/01/08 7:15 a.m.•33 views

CVE-2024-12584

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6.2 via the 'duplicate' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extrac...

6.5CVSS4.5AI score0.00109EPSS