Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Parameters – CVE-2024-4401, CVE-2024-7122 | WordPress Plugin Vulnerability Report

Plugin Name: Elementor Addon Elements Key Information: Software Type: Plugin Software Slug: addon-elements-for-elementor-page-builder Software Status: Active Software Author: webtechstreet Software Downloads: 2,783,086 Active Installs: 100,000 Last Updated: September 14, 2024 Patched Versions: 1.13.6, 1.13.7 Affected Versions: <= 1.13.5, <= 1.13.6 Vulnerability 1 Details: Name: Elementor Addon Elements <= 1.13.5 Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-4401 CVSS Score:…

Read More

Beaver Builder – WordPress Page Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter – CVE-2024-7895 | WordPress Plugin Vulnerability Report

Plugin Name: Beaver Builder – WordPress Page Builder Key Information: Software Type: Plugin Software Slug: beaver-builder-lite-version Software Status: Active Software Author: justinbusa Software Downloads: 10,741,953 Active Installs: 100,000 Last Updated: September 3, 2024 Patched Versions: 2.8.3.6 Affected Versions: <= 2.8.3.5 Vulnerability Details: Name: Beaver Builder (Lite Version) <= 2.8.3.5 Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-7895 CVSS Score:…

Read More

Jeg Elementor Kit Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via SVG File – CVE-2024-6804 | WordPress Plugin Vulnerability Report

Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software Downloads: 1,587,316 Active Installs: 200,000 Last Updated: September 14, 2024 Patched Versions: 2.6.8 Affected Versions: <= 2.6.7 Vulnerability Details: Name: Jeg Elementor Kit <= 2.6.7 Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-6804 CVSS Score: 6.4 Publicly Published: August…

Read More

Responsive Lightbox & Gallery Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via File Upload – CVE-2024-6870 | WordPress Plugin Vulnerability Report

Plugin Name: Responsive Lightbox & Gallery Key Information: Software Type: Plugin Software Slug: responsive-lightbox Software Status: Active Software Author: dfactory Software Downloads: 5,285,709 Active Installs: 200,000 Last Updated: August 23, 2024 Patched Versions: 2.4.8 Affected Versions: <= 2.4.7 Vulnerability Details: Name: Responsive Lightbox & Gallery <= 2.4.7 Title: Authenticated (Author+) Stored Cross-Site Scripting via File…

Read More

Orbit Fox by ThemeIsle Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload – CVE-2024-7778 | WordPress Plugin Vulnerability Report

Plugin Name: Orbit Fox by ThemeIsle Key Information: Software Type: Plugin Software Slug: themeisle-companion Software Status: Active Software Author: themeisle Software Downloads: 11,901,676 Active Installs: 200,000 Last Updated: August 23, 2024 Patched Versions: 2.10.37 Affected Versions: <= 2.10.36 Vulnerability Details: Name: Orbit Fox by ThemeIsle <= 2.10.36 Title: Authenticated (Author+) Stored Cross-Site Scripting via SVG…

Read More

The Plus Addons for Elementor Vulnerability- Multiple Stored Cross-Site Scripting Vulnerabilities – CVE-2024-6575 and CVE-2024-5763 | WordPress Plugin Vulnerability Report

Plugin Name: The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce Key Information: Software Type: Plugin Software Slug: the-plus-addons-for-elementor-page-builder Software Status: Active Software Author: posimyththemes Software Downloads: 2,607,204 Active Installs: 100,000 Last Updated: August 19, 2024 Patched Versions: 5.6.3 Affected Versions: <= 5.6.2 Vulnerability 1 Details: Name: The Plus Addons…

Read More

ElementsKit Pro Vulnerability – Authenticated Sensitive Information Exposure & Stored Cross-Site Scripting – CVE-2024-7063, CVE-2024-7064 | WordPress Plugin Vulnerability Report

Plugin Name: ElementsKit Pro Key Information: Software Type: Plugin Software Slug: elementskit Software Status: Active Software Author: wpmet Software Downloads: NA Active Installs: 104,000 Last Updated: July 24, 2024 Patched Versions: 3.6.6, 3.6.7 Affected Versions: <= 3.6.6, <= 3.6.5 Vulnerability 1 Details: Name: ElementsKit Pro <= 3.6.6 Title: Authenticated (Contributor+) Sensitive Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N…

Read More

Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Gallery and Countdown Widgets – CVE-2024-7247 | WordPress Plugin Vulnerability Report

Plugin Name: Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) Key Information: Software Type: Plugin Software Slug: bdthemes-element-pack-lite Software Status: Active Software Author: bdthemes Software Downloads: 2,552,973 Active Installs: 100,000 Last Updated: August 12, 2024 Patched Versions: 5.7.3 Affected Versions: <= 5.7.2 Vulnerability Details: Name: Element Pack Elementor Addons…

Read More

Lightbox & Modal Popup WordPress Plugin – FooBox Vulnerability – Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via HTML Data Attributes – CVE-2024-5668 | WordPress Plugin Vulnerability Report

Plugin Name: Lightbox & Modal Popup WordPress Plugin – FooBox Key Information: Software Type: Plugin Software Slug: foobox-image-lightbox Software Status: Active Software Author: bradvin Software Downloads: 2,407,136 Active Installs: 100,000 Last Updated: August 12, 2024 Patched Versions: 2.7.32 Affected Versions: <= 2.7.28 Vulnerability Details: Name: Lightbox & Modal Popup WordPress Plugin – FooBox <= 2.7.28…

Read More

Essential Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-39649 | WordPress Plugin Vulnerability Report

Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 79,388,161 Active Installs: 2,000,000 Last Updated: August 12, 2024 Patched Versions: 5.9.27 Affected Versions: <= 5.9.26 Vulnerability Details: Name: Essential Addons for Elementor <=…

Read More