Themesgrove All-in-one_addons_for_elementor

6 CVEs affecting Themesgrove All-in-one_addons_for_elementor. Latest disclosed: 2025-07-02. Critical: 0, High: 0.

Top CVEs affecting Themesgrove All-in-one_addons_for_elementor
CVESeverityScorePublishedSummary
CVE-2024-37428Medium6.52024-07-22Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue…
CVE-2025-2330Medium6.42025-07-02The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button+modal' widget in all…
CVE-2024-2137Medium6.42024-04-12The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple pricing widgets (e.g. Pricing Si…
CVE-2021-24267Medium5.42021-05-05The “All-in-One Addons for Elementor – WidgetKit” WordPress Plugin before 2.3.10 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) b…
CVE-2022-4256Medium4.82023-01-02The All-in-One Addons for Elementor WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users suc…
CVE-2024-10321Medium4.32025-03-08The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5…