XSS vulnerabilities
The Plus Addons for Elementor Vulnerability – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce – Authenticated Stored Cross-Site Scripting – CVE-2024-3197, CVE-2024-3199 | WordPress Plugin Vulnerability Report
Plugin Name: The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce Key Information: Software Type: Plugin Software Slug: the-plus-addons-for-elementor-page-builder Software Status: Active Software Author: posimyththemes Software Downloads: 2,244,805 Active Installs: 100,000 Last Updated: May 10, 2024 Patched Versions: 5.5.0 Affected Versions: <= 5.4.2 Vulnerability Details: Name: The Plus Addons for…
Read More
Premium Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘arrow_style’ – CVE-2024-3647 | WordPress Plugin Vulnerability Report
Plugin Name: Premium Addons for Elementor Key Information: Software Type: Plugin Software Slug: premium-addons-for-elementor Software Status: Active Software Author: leap13 Software Downloads: 31,878,013 Active Installs: 700,000 Last Updated: May 9, 2024 Patched Versions: 4.10.29 Affected Versions: <= 4.10.28 Vulnerability Details: Name: Premium Addons for Elementor <= 4.10.28 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via ‘arrow_style’…
Read More
Exclusive Addons for Elementor Vulnerability – Multiple Stored XSS Vulnerabilities – Multiple CVEs | WordPress Plugin Vulnerability Report
Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler Software Downloads: 841,164 Active Installs: 60,000 Last Updated: May 6, 2024 Patched Versions: 2.6.9.5, 2.6.9.4 Affected Versions: <= 2.6.9.4, <= 2.6.9.3 Vulnerability Details: Name: Exclusive Addons for Elementor <= 2.6.9.4 Title: Authenticated (Contributor+) Stored Cross-Site…
Read More
Royal Elementor Addons and Templates Vulnerability – Multiple Stored XSS Issues and IP Spoofing – Various CVEs |WordPress Plugin Vulnerability Report
Plugin Name: Royal Elementor Addons and Templates Key Information: Software Type: Plugin Software Slug: royal-elementor-addons Software Status: Active Software Author: wproyal Software Downloads: 5,140,265 Active Installs: 300,000 Last Updated: May 6, 2024 Patched Versions: 1.3.972, 1.3.95 Affected Versions: <= 1.3.971, <= 1.3.93 Vulnerability Details: Authenticated Stored Cross-Site Scripting via Flip Carousel, Flip Box, Post Grid,…
Read More
Gutenberg Blocks by Kadence Blocks Vulnerability – Page Builder Features – Multiple Vulnerabilities – CVE-2024-0598 & CVE-2024-2919 | WordPress Plugin Vulnerability Report
Plugin Name: Gutenberg Blocks by Kadence Blocks – Page Builder Features Key Information: Software Type: Plugin Software Slug: kadence-blocks Software Status: Active Software Author: britner Software Downloads: 17,837,802 Active Installs: 400,000 Last Updated: April 3, 2024 Patched Versions: 3.2.18 Affected Versions: <= 3.2.17 for CVE-2024-0598 and <= 3.2.31 for CVE-2024-2919 Vulnerability 1 Details: Name: Gutenberg…
Read More
Exclusive Addons for Elementor Vulnerability- Stored Cross-Site Scripting Vulnerabilities – CVE-2024-0824 & CVE-2024-0823 |WordPress Plugin Vulnerability Report
Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler Software Downloads: 688,917 Active Installs: 50,000 Last Updated: February 1, 2024 Patched Versions: 2.6.9 Affected Versions: <= 2.6.8 Vulnerability Details (Section 1): Name: Exclusive Addons for Elementor <= 2.6.8 Title: Authenticated (Contributor+) Stored Cross-Site Scripting…
Read More