Posimyth The Plus Addons For Elementor — known CVE vulnerabilities
Every CVE whose affected-product data names Posimyth The Plus Addons For Elementor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (37)
CVE-2021-24175 — CVSS 9.8 (critical): The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited to by malicious actors to bypass…
CVE-2021-24949 — CVSS 9.8 (critical): The "WP Search Filters" widget of The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not sanitise and escape the option…
CVE-2021-4331 — CVSS 8.8 (high): The Plus Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 4.1.9 (pro) and…
CVE-2024-5455 — CVSS 8.8 (high): The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including…
CVE-2023-47178 — CVSS 8.6 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in POSIMYTH Innovation The Plus Addons for…
CVE-2021-24948 — CVSS 7.5 (high): The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax…
CVE-2024-43932 — CVSS 6.5 (medium): Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder.T…
CVE-2024-53823 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for…
CVE-2021-4332 — CVSS 6.5 (medium): The Plus Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in versions up to, and including 4.1.9 (pro) and…
CVE-2024-34373 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for…
CVE-2024-35709 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for…
CVE-2025-1287 — CVSS 6.4 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2024-0445 — CVSS 6.4 (medium): The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's element attributes in…
CVE-2024-11829 — CVSS 6.4 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2024-1419 — CVSS 6.4 (medium): The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_id’ attribute of the…
CVE-2024-2203 — CVSS 6.4 (medium): The The Plus Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.4.1…
CVE-2024-2210 — CVSS 6.4 (medium): The The Plus Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.4.1…
CVE-2024-2784 — CVSS 6.4 (medium): The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Hover Card widget in all…
CVE-2024-2785 — CVSS 6.4 (medium): The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate widget in all versions…
CVE-2024-3197 — CVSS 6.4 (medium): The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom attributes in the plugin's…
CVE-2024-3199 — CVSS 6.4 (medium): The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all…
CVE-2024-3718 — CVSS 6.4 (medium): The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's widgets all…
CVE-2024-4484 — CVSS 6.4 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2024-4485 — CVSS 6.4 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2024-4983 — CVSS 6.4 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2024-5341 — CVSS 6.4 (medium): The The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' attribute…
CVE-2024-5583 — CVSS 6.4 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2024-5763 — CVSS 6.4 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2024-6575 — CVSS 6.4 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2024-4482 — CVSS 6.4 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2021-24358 — CVSS 6.1 (medium): The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.10 did not validate a redirect parameter on a specifically crafted…
CVE-2024-5344 — CVSS 6.1 (medium): The The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘forgoturl’…
CVE-2021-24351 — CVSS 6.1 (medium): The theplus_more_post AJAX action of The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.12 did not properly sanitise…
CVE-2024-43977 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for…
CVE-2021-24359 — CVSS 5.3 (medium): The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.11 did not properly check that a user requesting a password reset…
CVE-2024-10365 — CVSS 4.3 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2024-8913 — CVSS 4.3 (medium): The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…