Webtechstreet Elementor_addon_elements
25 CVEs affecting Webtechstreet Elementor_addon_elements. Latest disclosed: 2025-01-15. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-1358 | High | 8.8 | 2024-03-13 | The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. T… |
CVE-2024-47361 | Medium | 6.5 | 2024-11-01 | Missing Authorization vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder.This issue affects Elementor Addon Elements… |
CVE-2024-47366 | Medium | 6.5 | 2024-10-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements addon-elements-for-eleme… |
CVE-2024-30422 | Medium | 6.5 | 2024-03-28 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements addon-elements-for-eleme… |
CVE-2024-29107 | Medium | 6.5 | 2024-03-19 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This i… |
CVE-2024-7122 | Medium | 6.4 | 2024-08-30 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.13… |
CVE-2024-4401 | Medium | 6.4 | 2024-08-30 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ and 'eae_slider_animation' parameters in all versio… |
CVE-2024-4570 | Medium | 6.4 | 2024-06-27 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in versions up to, and including, 1.13.5… |
CVE-2024-4569 | Medium | 6.4 | 2024-06-27 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in versions up to, and including, 1.13.5… |
CVE-2024-3743 | Medium | 6.4 | 2024-05-02 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, In… |
CVE-2024-2792 | Medium | 6.4 | 2024-04-09 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in all versions up to, and including, 1.13.2 due to… |
CVE-2024-1422 | Medium | 6.4 | 2024-03-13 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the modal popup widget's effect setting in all versions up t… |
CVE-2024-1393 | Medium | 6.4 | 2024-03-13 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'icon_align' attribute of the Content Switcher widget in… |
CVE-2024-1392 | Medium | 6.4 | 2024-03-13 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button1_icon' attribute of the Dual Button widget in al… |
CVE-2024-1391 | Medium | 6.4 | 2024-03-13 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eae_custom_overlay_switcher’ attribute of the Thumbnail… |
CVE-2024-0834 | Medium | 6.4 | 2024-02-05 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link_to parameter in all versions up to, and including… |
CVE-2024-2092 | Medium | 5.4 | 2024-06-12 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Twitter Widget in all versions up to, and inclu… |
CVE-2024-2091 | Medium | 5.4 | 2024-03-28 | The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 1… |
CVE-2023-4690 | Medium | 5.4 | 2023-11-15 | The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. This is due to missing… |
CVE-2023-4689 | Medium | 5.4 | 2023-11-15 | The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. This is due to missing… |