Posimyth The_plus_addons_for_elementor
37 CVEs affecting Posimyth The_plus_addons_for_elementor. Latest disclosed: 2025-03-08. Critical: 2, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-24949 | Critical | 9.8 | 2022-01-10 | The "WP Search Filters" widget of The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not sanitise and escape the option parameter before us… |
CVE-2021-24175 | Critical | 9.8 | 2021-04-05 | The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited to by malicious actors to bypass authentication, allowing… |
CVE-2024-5455 | High | 8.8 | 2024-06-21 | The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.5.4 via the 'maga… |
CVE-2021-4331 | High | 8.8 | 2023-03-07 | The Plus Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 4.1.9 (pro) and 2.0.6 (free). The plu… |
CVE-2023-47178 | High | 8.6 | 2024-05-17 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows PH… |
CVE-2021-24948 | High | 7.5 | 2022-01-10 | The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which co… |
CVE-2024-53823 | Medium | 6.5 | 2024-12-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite… |
CVE-2024-43932 | Medium | 6.5 | 2024-11-01 | Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder.This issue affects T… |
CVE-2024-35709 | Medium | 6.5 | 2024-06-08 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite… |
CVE-2024-34373 | Medium | 6.5 | 2024-05-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite… |
CVE-2021-4332 | Medium | 6.5 | 2023-03-07 | The Plus Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in versions up to, and including 4.1.9 (pro) and 2.0.6 (free). The plu… |
CVE-2025-1287 | Medium | 6.4 | 2025-03-08 | The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site S… |
CVE-2024-11829 | Medium | 6.4 | 2025-02-01 | The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site S… |
CVE-2024-5583 | Medium | 6.4 | 2024-08-22 | The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site S… |
CVE-2024-6575 | Medium | 6.4 | 2024-08-20 | The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site S… |
CVE-2024-5763 | Medium | 6.4 | 2024-08-20 | The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site S… |
CVE-2024-4482 | Medium | 6.4 | 2024-07-03 | The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site S… |
CVE-2024-4983 | Medium | 6.4 | 2024-06-27 | The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site S… |
CVE-2024-5341 | Medium | 6.4 | 2024-05-30 | The The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' attribute of the Heading Title… |
CVE-2024-4485 | Medium | 6.4 | 2024-05-24 | The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site S… |