🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders

Information

Software Type	Plugin
Software Slug	essential-addons-for-elementor-lite (view on wordpress.org)
Software Status	Active
Software Author	wpdevteam
Software Website	essential-addons.com
Software Downloads	70,841,288
Software Active Installs	2,000,000
Software Record Last Updated	April 25, 2024

Showing 1-20 of 26 Vulnerabilities

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Information Exposure

5.3

CVE-2024-3733

Apr 24, 2024

Researcher: Webbernaut

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery & Interactive Circle

6.4

CVE-2024-3728

Apr 24, 2024

Researcher: stealthcopter

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4

CVE-2024-4003

Apr 24, 2024

Researcher: Ngô Thiên An (ancorn_)

Essential Addons for Elementor <= 5.9.14 - Authenticated (Contributor+) Store Cross-Site Scripting via Widget URL Attribute

6.4

CVE-2024-3333

Apr 16, 2024

Researcher: Ngô Thiên An (ancorn_)

Essential Addons for Elementor <= 5.9.13 - Authenticated (Author+) PHP Object Injection via error_resetpassword

8.8

CVE-2024-3018

Mar 29, 2024

Researcher: Ngô Thiên An (ancorn_)

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.13 - Unauthenticated Sensitive Information Exposure

5.3

CVE-2024-2974

Mar 29, 2024

Researcher: Ankit Patel

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4

CVE-2024-2650

Mar 25, 2024

Researchers: Ngô Thiên An (ancorn_), ST

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4

CVE-2024-2623

Mar 25, 2024

Researcher: Webbernaut

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Data Table

6.4

CVE-2024-1537

Mar 11, 2024

Researcher: wesley (wcraft)

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar

7.4

CVE-2024-1536

Mar 11, 2024

Researcher: Webbernaut

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4

CVE-2024-1276

Feb 12, 2024

Researcher: RandomRoot

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery

5.4

CVE-2024-1171

Feb 12, 2024

Researcher: Nikolas

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion

5.4

CVE-2024-1172

Feb 12, 2024

Researcher: wesley (wcraft)

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4

CVE-2024-1236

Feb 12, 2024

Researcher: Webbernaut

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4

CVE-2024-0954

Feb 1, 2024

Researcher: Webbernaut

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.4 - Authenticated (Contributor+) Stored Cross-Site Scritping

6.5

CVE-2024-0586

Jan 17, 2024

Researcher: Webbernaut

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image URl

5.4

CVE-2024-0585

Jan 17, 2024

Researcher: Webbernaut

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4

CVE-2023-7044

Jan 3, 2024

Researcher: Webbernaut

Essential Addons for Elementor <= 5.8.8 - Authenticated (Contributor+) Privilege Escalation

8.8

CVE-2023-41955

Sep 14, 2023

Researcher: Rafie Muhammad

Essential Addons For Elementor <=5.8.1 - Unauthenticated MailChimp API Key Disclosure

5.3

CVE-2023-3779

Jul 19, 2023

Researcher: Ulyses Saicha

Title	CVE ID	CVSS	Researchers	Date
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Information Exposure	CVE-2024-3733	5.3	Webbernaut	April 24, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery & Interactive Circle	CVE-2024-3728	6.4	stealthcopter	April 24, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2024-4003	6.4	Ngô Thiên An (ancorn_)	April 24, 2024
Essential Addons for Elementor <= 5.9.14 - Authenticated (Contributor+) Store Cross-Site Scripting via Widget URL Attribute	CVE-2024-3333	6.4	Ngô Thiên An (ancorn_)	April 16, 2024
Essential Addons for Elementor <= 5.9.13 - Authenticated (Author+) PHP Object Injection via error_resetpassword	CVE-2024-3018	8.8	Ngô Thiên An (ancorn_)	March 29, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.13 - Unauthenticated Sensitive Information Exposure	CVE-2024-2974	5.3	Ankit Patel	March 29, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2024-2650	6.4	Ngô Thiên An (ancorn_), ST	March 25, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2024-2623	6.4	Webbernaut	March 25, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Data Table	CVE-2024-1537	6.4	wesley (wcraft)	March 11, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar	CVE-2024-1536	7.4	Webbernaut	March 11, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2024-1276	6.4	RandomRoot	February 12, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery	CVE-2024-1171	5.4	Nikolas	February 12, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion	CVE-2024-1172	5.4	wesley (wcraft)	February 12, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2024-1236	6.4	Webbernaut	February 12, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2024-0954	6.4	Webbernaut	February 1, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.4 - Authenticated (Contributor+) Stored Cross-Site Scritping	CVE-2024-0586	6.5	Webbernaut	January 17, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image URl	CVE-2024-0585	5.4	Webbernaut	January 17, 2024
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2023-7044	6.4	Webbernaut	January 3, 2024
Essential Addons for Elementor <= 5.8.8 - Authenticated (Contributor+) Privilege Escalation	CVE-2023-41955	8.8	Rafie Muhammad	September 14, 2023
Essential Addons For Elementor <=5.8.1 - Unauthenticated MailChimp API Key Disclosure	CVE-2023-3779	5.3	Ulyses Saicha	July 19, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation