Premium Addons for Elementor

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Premium Addons for Elementor

Information

Software Type Plugin
Software Slug premium-addons-for-elementor (view on wordpress.org)
Software Status Active
Software Author leap13
Software Website premiumaddons.com
Software Downloads 31,586,692
Software Active Installs 700,000
Software Record Last Updated April 27, 2024

15 Vulnerabilities

Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style'
6.4
CVE-2024-3647
Apr 24, 2024
Researcher: stealthcopter
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-3885
Apr 23, 2024
Researcher: Ngô Thiên An (ancorn_)
Premium Addons for Elementor <= 4.10.16 - Authenticated(Contributor+) Stored Cross-Site Scripting via Wrapper Link Widget
6.4
CVE-2024-0376
Apr 9, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-2664
Apr 9, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button
6.5
CVE-2024-2665
Apr 9, 2024
Researcher: Dau Hoang Tai
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
5.4
CVE-2024-2666
Apr 9, 2024
Researcher: wesley (wcraft)
Premium Addons for Elementor <= 4.10.22 - Authenticated (Contributor+) Sensitive Information Exposure
5.3
CVE-2024-31278
Apr 5, 2024
Researcher: Khalid
Premium Addons for Elementor <= 4.10.23 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-2399
Mar 14, 2024
Researcher: wesley (wcraft)
Premium Addons for Elementor <= 4.10.17 - Authenticated(Contributor+) Stored Cross-Site Scripting via Link Wrapper
6.4
CVE-2024-0326
Mar 12, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner, Team Members, and Image Scroll Widgets
6.4
CVE-2024-1680
Feb 28, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via onClick Events
4.9
CVE-2024-0326
Feb 14, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.18 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-1242
Feb 14, 2024
Researcher: Nikolas
Premium Addons for Elementor <= 4.10.16 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-24831
Feb 2, 2024
Researcher: Abu Hurayra
Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update
6.5
CVE ID Unknown
Aug 30, 2021
Researcher: WPScanTeam
Premium Addons for Elementor <=4.2.7 Contributor+ Stored Cross-Site Scripting
5.4
CVE-2021-24257
Apr 13, 2021
Researcher: Ram
Title CVE ID CVSS Researchers Date
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style' CVE-2024-3647 6.4 stealthcopter April 24, 2024
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-3885 6.4 Ngô Thiên An (ancorn_) April 23, 2024
Premium Addons for Elementor <= 4.10.16 - Authenticated(Contributor+) Stored Cross-Site Scripting via Wrapper Link Widget CVE-2024-0376 6.4 Webbernaut April 9, 2024
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-2664 6.4 Webbernaut April 9, 2024
Premium Addons for Elementor <= 4.10.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button CVE-2024-2665 6.5 Dau Hoang Tai April 9, 2024
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting CVE-2024-2666 5.4 wesley (wcraft) April 9, 2024
Premium Addons for Elementor <= 4.10.22 - Authenticated (Contributor+) Sensitive Information Exposure CVE-2024-31278 5.3 Khalid April 5, 2024
Premium Addons for Elementor <= 4.10.23 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-2399 6.4 wesley (wcraft) March 14, 2024
Premium Addons for Elementor <= 4.10.17 - Authenticated(Contributor+) Stored Cross-Site Scripting via Link Wrapper CVE-2024-0326 6.4 Webbernaut March 12, 2024
Premium Addons for Elementor <= 4.10.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner, Team Members, and Image Scroll Widgets CVE-2024-1680 6.4 Webbernaut February 28, 2024
Premium Addons for Elementor <= 4.10.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via onClick Events CVE-2024-0326 4.9 Webbernaut February 14, 2024
Premium Addons for Elementor <= 4.10.18 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-1242 6.4 Nikolas February 14, 2024
Premium Addons for Elementor <= 4.10.16 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-24831 6.4 Abu Hurayra February 2, 2024
Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update 6.5 WPScanTeam August 30, 2021
Premium Addons for Elementor <=4.2.7 Contributor+ Stored Cross-Site Scripting CVE-2021-24257 5.4 Ram April 13, 2021

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation