Leap13 Premium Addons For Elementor — known CVE vulnerabilities
Every CVE whose affected-product data names Leap13 Premium Addons For Elementor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (36)
CVE-2023-34012 — CVSS 7.1 (high): Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions.
CVE-2021-4445 — CVSS 6.5 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Arbitrary Option Updates in versions up to, and including, 4.5.1…
CVE-2024-37922 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor…
CVE-2024-29106 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor…
CVE-2024-24831 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor…
CVE-2024-32791 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor…
CVE-2024-11937 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's linkURL in the Mobile…
CVE-2024-1242 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all…
CVE-2024-1680 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Settings URL of the…
CVE-2024-2399 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions…
CVE-2024-2664 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Widget in all…
CVE-2024-2665 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button in all versions…
CVE-2025-4774 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of…
CVE-2024-3647 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in…
CVE-2024-3885 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the subcontainer value parameter in…
CVE-2024-8681 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in…
CVE-2024-4378 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's menu and shape widgets…
CVE-2024-4376 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in…
CVE-2024-0326 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Link Wrapper…
CVE-2024-6495 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text widget in…
CVE-2024-0376 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Wrapper Link Widget in…
CVE-2024-6340 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all…
CVE-2024-10266 — CVSS 6.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Box widget in all…
CVE-2021-24257 — CVSS 5.4 (medium): The “Premium Addons for Elementor” WordPress Plugin before 4.2.8 has several widgets that are vulnerable to stored Cross-Site Scripting…
CVE-2024-2666 — CVSS 5.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Bullet List…
CVE-2024-4203 — CVSS 5.4 (medium): The Premium Addons Pro for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the maps widget in all versions…
CVE-2024-4379 — CVSS 5.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Global Tooltip widget…
CVE-2024-56225 — CVSS 5.4 (medium): Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Accessing Functionality Not…
CVE-2025-68494 — CVSS 5.3 (medium): Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Leap13 Premium Addons for Elementor…
CVE-2025-14155 — CVSS 5.3 (medium): The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of…
CVE-2024-5553 — CVSS 4.4 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via several parameters in all…
CVE-2024-6824 — CVSS 4.3 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing…
CVE-2024-4205 — CVSS 4.3 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the…
CVE-2025-14163 — CVSS 4.3 (medium): The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including…
CVE-2024-31278 — CVSS 4.3 (medium): Insertion of Sensitive Information Into Sent Data vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor.This…
CVE-2024-6434 — CVSS 3.1 (low): The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to…