Xpro Xpro Elementor Addons
8 CVEs affecting Xpro Xpro Elementor Addons. Latest disclosed: 2026-05-12. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-69312 | Critical | 9.1 | 2026-01-22 | Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Upload a Web Shell to a Web Server.Thi… |
CVE-2026-45214 | High | 8.5 | 2026-05-12 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows B… |
CVE-2025-63044 | Medium | 6.5 | 2025-12-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows D… |
CVE-2025-58195 | Medium | 6.5 | 2025-08-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows S… |
CVE-2025-32163 | Medium | 6.5 | 2025-04-04 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows S… |
CVE-2024-54253 | Medium | 6.5 | 2024-12-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons.This iss… |
CVE-2024-43150 | Medium | 6.5 | 2024-08-12 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This… |
CVE-2024-34570 | Medium | 5.9 | 2024-05-08 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue a… |