Leap13 Premium_addons_for_elementor
36 CVEs affecting Leap13 Premium_addons_for_elementor. Latest disclosed: 2025-12-24. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-34012 | High | 7.1 | 2023-06-23 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions. |
CVE-2021-4445 | Medium | 6.5 | 2024-10-16 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Arbitrary Option Updates in versions up to, and including, 4.5.1. This is due to missing… |
CVE-2024-37922 | Medium | 6.5 | 2024-07-20 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-el… |
CVE-2024-32791 | Medium | 6.5 | 2024-04-24 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-el… |
CVE-2024-29106 | Medium | 6.5 | 2024-03-19 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.Thi… |
CVE-2024-24831 | Medium | 6.5 | 2024-02-10 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-el… |
CVE-2024-11937 | Medium | 6.4 | 2025-07-04 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's linkURL in the Mobile Menu element in all v… |
CVE-2025-4774 | Medium | 6.4 | 2025-06-10 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all… |
CVE-2024-10266 | Medium | 6.4 | 2024-10-29 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Box widget in all versions up to, and… |
CVE-2024-8681 | Medium | 6.4 | 2024-09-27 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, an… |
CVE-2024-6495 | Medium | 6.4 | 2024-07-12 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text widget in all versions up to… |
CVE-2024-6340 | Medium | 6.4 | 2024-07-03 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and… |
CVE-2024-4376 | Medium | 6.4 | 2024-05-31 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in all versions up to, an… |
CVE-2024-4378 | Medium | 6.4 | 2024-05-23 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's menu and shape widgets in all versions up t… |
CVE-2024-3885 | Medium | 6.4 | 2024-05-02 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the subcontainer value parameter in all versions up to… |
CVE-2024-3647 | Medium | 6.4 | 2024-05-02 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in all versions up to, a… |
CVE-2024-2665 | Medium | 6.4 | 2024-04-10 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button in all versions up to, and including… |
CVE-2024-2664 | Medium | 6.4 | 2024-04-10 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Widget in all versions up to, and… |
CVE-2024-0376 | Medium | 6.4 | 2024-04-09 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Wrapper Link Widget in all versions up to… |
CVE-2024-2399 | Medium | 6.4 | 2024-03-15 | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and includin… |