Royal-elementor-addons Royal_elementor_addons

58 CVEs affecting Royal-elementor-addons Royal_elementor_addons. Latest disclosed: 2025-06-26. Critical: 1, High: 3.

Top CVEs affecting Royal-elementor-addons Royal_elementor_addons
CVESeverityScorePublishedSummary
CVE-2023-5360Critical9.82023-10-31The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to u…
CVE-2024-1567High8.22024-05-02The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to limited file uploads due to missing file type validation in the 'file_validity'…
CVE-2023-5922High7.52024-01-16The Royal Elementor Addons and Templates WordPress plugin before 1.3.81 does not ensure that users accessing posts via an AJAX action (and REST endpoint, curre…
CVE-2024-56226High7.12024-12-31Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons al…
CVE-2025-39361Medium6.52025-05-07Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons al…
CVE-2024-56062Medium6.52024-12-31Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons al…
CVE-2024-50442Medium6.52024-10-28Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows XML Injection.This issue a…
CVE-2024-44001Medium6.52024-09-18Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons.Th…
CVE-2024-31236Medium6.52024-04-07Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This is…
CVE-2025-5338Medium6.42025-06-26The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.7.102…
CVE-2025-3813Medium6.42025-05-31The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_elementor_data’ parameter in all versions…
CVE-2025-1456Medium6.42025-04-12The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `widgetGrid`, `widgetCountDown`, and `widget…
CVE-2025-1455Medium6.42025-04-12The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Woo Grid widget in all versions up to, and i…
CVE-2024-9682Medium6.42024-11-13The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Form Builder widget in all versions…
CVE-2024-9668Medium6.42024-11-13The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up…
CVE-2024-9059Medium6.42024-11-13The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget in all versions up to, an…
CVE-2024-8482Medium6.42024-10-08The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and i…
CVE-2024-5818Medium6.42024-07-24The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widg…
CVE-2024-4489Medium6.42024-06-07The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘custom_upload_mimes’ function in versions u…
CVE-2024-4488Medium6.42024-06-07The Royal Elementor Addons and Templates for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘inline_list’ parameter in versions up to, and incl…