Wpmet Elementskit Pro

8 CVEs affecting Wpmet Elementskit Pro. Latest disclosed: 2025-01-28. Critical: 0, High: 2.

Top CVEs affecting Wpmet Elementskit Pro
CVESeverityScorePublishedSummary
CVE-2024-3500High8.82024-05-02The ElementsKit Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.0 via the Price Menu, Hotspot, and Adv…
CVE-2024-4404High8.52024-06-14The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.6.2 via the 'render_raw' function. Th…
CVE-2025-0321Medium6.42025-01-28The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3…
CVE-2024-7064Medium6.42024-08-15The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 3.6.5 due to…
CVE-2024-5263Medium6.42024-06-15The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Motion Text and Table widgets in all versions up to, and…
CVE-2024-4452Medium6.42024-05-21The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in versions up to, and including, 3.6.1 due to in…
CVE-2024-3598Medium6.42024-04-19The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Creative Button widget in all versions up to, and includ…
CVE-2024-7063Medium4.32024-08-15The ElementsKit Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.6 via the 'render_raw' funct…