Themesgrove All-in-one_addons_for_elementor
6 CVEs affecting Themesgrove All-in-one_addons_for_elementor. Latest disclosed: 2025-07-02. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-37428 | Medium | 6.5 | 2024-07-22 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue… |
CVE-2025-2330 | Medium | 6.4 | 2025-07-02 | The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button+modal' widget in all… |
CVE-2024-2137 | Medium | 6.4 | 2024-04-12 | The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple pricing widgets (e.g. Pricing Si… |
CVE-2021-24267 | Medium | 5.4 | 2021-05-05 | The “All-in-One Addons for Elementor – WidgetKit” WordPress Plugin before 2.3.10 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) b… |
CVE-2022-4256 | Medium | 4.8 | 2023-01-02 | The All-in-One Addons for Elementor WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users suc… |
CVE-2024-10321 | Medium | 4.3 | 2025-03-08 | The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5… |