Ideabox Powerpack Addons For Elementor — known CVE vulnerabilities
Every CVE whose affected-product data names Ideabox Powerpack Addons For Elementor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2024-3668 — CVSS 8.8 (high): The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.10.17…
CVE-2023-49739 — CVSS 7.1 (high): Vulnerability in IdeaBox Creations PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a through 2.9.23.
CVE-2024-5787 — CVSS 6.4 (medium): The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2024-1411 — CVSS 6.4 (medium): The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the settings of the Twitter…
CVE-2024-2491 — CVSS 6.4 (medium): The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the *_html_tag* attribute of…
CVE-2024-2492 — CVSS 6.4 (medium): The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter Tweet widget in all…
CVE-2024-5327 — CVSS 6.4 (medium): The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to DOM-Based Stored…
CVE-2021-25027 — CVSS 6.1 (medium): The PowerPack Addons for Elementor WordPress plugin before 2.6.2 does not escape the tab parameter before outputting it back in an…
CVE-2024-1055 — CVSS 5.4 (medium): The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2021-24263 — CVSS 5.4 (medium): The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are…
CVE-2023-6984 — CVSS 5.3 (medium): The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Cross-Site Request…