Webtechstreet Elementor Addon Elements — known CVE vulnerabilities
Every CVE whose affected-product data names Webtechstreet Elementor Addon Elements, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2024-1358 — CVSS 8.8 (high): The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via…
CVE-2024-30422 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements…
CVE-2024-47361 — CVSS 6.5 (medium): Missing Authorization vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder.This issue affects…
CVE-2024-47366 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements…
CVE-2024-29107 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements…
CVE-2024-0834 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link_to parameter in all versions up…
CVE-2024-2792 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in all versions up to, and…
CVE-2024-3743 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator…
CVE-2024-1391 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eae_custom_overlay_switcher’…
CVE-2024-1392 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button1_icon' attribute of the Dual…
CVE-2024-1393 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'icon_align' attribute of the…
CVE-2024-1422 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the modal popup widget's effect setting…
CVE-2024-7122 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to…
CVE-2024-4401 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ and 'eae_slider_animation'…
CVE-2024-4569 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in versions up…
CVE-2024-4570 — CVSS 6.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in versions up…
CVE-2021-24259 — CVSS 5.4 (medium): The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting…
CVE-2023-4689 — CVSS 5.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7…
CVE-2023-4690 — CVSS 5.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7…
CVE-2024-2091 — CVSS 5.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up…
CVE-2024-2092 — CVSS 5.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Twitter Widget in all…
CVE-2023-4723 — CVSS 5.3 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.12.7…
CVE-2023-5381 — CVSS 4.4 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and…
CVE-2024-13215 — CVSS 4.3 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including…
CVE-2024-8902 — CVSS 4.3 (medium): The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including…