Premium Addons for Elementor

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Premium Addons for Elementor

Information

Software Type Plugin
Software Slug premium-addons-for-elementor (view on wordpress.org)
Software Status Active
Software Author leap13
Software Website premiumaddons.com
Software Downloads 33,726,442
Software Active Installs 700,000
Software Record Last Updated July 27, 2024

Showing 1-20 of 25 Vulnerabilities

Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget
6.4
CVE-2024-6495
Jul 11, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.35 - Regular Expressions Denial of Service
3.1
CVE-2024-6434
Jul 3, 2024
Researcher: Muhammad Umer Adeem (Yldrm)
Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget
6.4
CVE-2024-6340
Jul 2, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.33 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
4.4
CVE-2024-5553
Jun 11, 2024
Researcher: wesley (wcraft)
Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget
6.4
CVE-2024-4376
May 30, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Global Tooltip
5.4
CVE-2024-4379
May 30, 2024
Researcher: wesley (wcraft)
Premium Addons for Elementor <= 4.10.31 - Missing Authorization to Information Disclosure
4.3
CVE-2024-4205
May 30, 2024
Researcher: Thura Moe Myint (mgthuramoemyint)
Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Menu and Shape Divider
6.4
CVE-2024-4378
May 22, 2024
Researcher: stealthcopter
Premium Addons for Elementor <= 4.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting
5.4
CVE-2024-4203
Apr 29, 2024
Researcher: Ngô Thiên An (ancorn_)
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style'
6.4
CVE-2024-3647
Apr 24, 2024
Researcher: stealthcopter
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-3885
Apr 23, 2024
Researcher: Ngô Thiên An (ancorn_)
Premium Addons for Elementor <= 4.10.25 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-32791
Apr 22, 2024
Researcher: Ray Wilson
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-2664
Apr 9, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button
6.5
CVE-2024-2665
Apr 9, 2024
Researcher: Dau Hoang Tai
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
5.4
CVE-2024-2666
Apr 9, 2024
Researcher: wesley (wcraft)
Premium Addons for Elementor <= 4.10.16 - Authenticated(Contributor+) Stored Cross-Site Scripting via Wrapper Link Widget
6.4
CVE-2024-0376
Apr 9, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.22 - Authenticated (Contributor+) Sensitive Information Exposure
5.3
CVE-2024-31278
Apr 5, 2024
Researcher: Khalid
Premium Addons for Elementor <= 4.10.23 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-2399
Mar 14, 2024
Researcher: wesley (wcraft)
Premium Addons for Elementor <= 4.10.17 - Authenticated(Contributor+) Stored Cross-Site Scripting via Link Wrapper
6.4
CVE-2024-0326
Mar 12, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner, Team Members, and Image Scroll Widgets
6.4
CVE-2024-1680
Feb 28, 2024
Researcher: Webbernaut
Title Status CVE ID CVSS Researchers Date
Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget Patched CVE-2024-6495 6.4 Webbernaut July 11, 2024
Premium Addons for Elementor <= 4.10.35 - Regular Expressions Denial of Service Patched CVE-2024-6434 3.1 Muhammad Umer Adeem (Yldrm) July 3, 2024
Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget Patched CVE-2024-6340 6.4 Webbernaut July 2, 2024
Premium Addons for Elementor <= 4.10.33 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting Patched CVE-2024-5553 4.4 wesley (wcraft) June 11, 2024
Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget Patched CVE-2024-4376 6.4 Webbernaut May 30, 2024
Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Global Tooltip Patched CVE-2024-4379 5.4 wesley (wcraft) May 30, 2024
Premium Addons for Elementor <= 4.10.31 - Missing Authorization to Information Disclosure Patched CVE-2024-4205 4.3 Thura Moe Myint (mgthuramoemyint) May 30, 2024
Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Menu and Shape Divider Patched CVE-2024-4378 6.4 stealthcopter May 22, 2024
Premium Addons for Elementor <= 4.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-4203 5.4 Ngô Thiên An (ancorn_) April 29, 2024
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style' Patched CVE-2024-3647 6.4 stealthcopter April 24, 2024
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-3885 6.4 Ngô Thiên An (ancorn_) April 23, 2024
Premium Addons for Elementor <= 4.10.25 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-32791 6.4 Ray Wilson April 22, 2024
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-2664 6.4 Webbernaut April 9, 2024
Premium Addons for Elementor <= 4.10.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Patched CVE-2024-2665 6.5 Dau Hoang Tai April 9, 2024
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting Patched CVE-2024-2666 5.4 wesley (wcraft) April 9, 2024
Premium Addons for Elementor <= 4.10.16 - Authenticated(Contributor+) Stored Cross-Site Scripting via Wrapper Link Widget Patched CVE-2024-0376 6.4 Webbernaut April 9, 2024
Premium Addons for Elementor <= 4.10.22 - Authenticated (Contributor+) Sensitive Information Exposure Patched CVE-2024-31278 5.3 Khalid April 5, 2024
Premium Addons for Elementor <= 4.10.23 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-2399 6.4 wesley (wcraft) March 14, 2024
Premium Addons for Elementor <= 4.10.17 - Authenticated(Contributor+) Stored Cross-Site Scripting via Link Wrapper Patched CVE-2024-0326 6.4 Webbernaut March 12, 2024
Premium Addons for Elementor <= 4.10.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner, Team Members, and Image Scroll Widgets Patched CVE-2024-1680 6.4 Webbernaut February 28, 2024

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation