Premium Addons for Elementor

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Premium Addons for Elementor

Information

Software Type Plugin
Software Slug premium-addons-for-elementor (view on wordpress.org)
Software Status Active
Software Author leap13
Software Website premiumaddons.com
Software Downloads 31,922,136
Software Active Installs 700,000
Software Record Last Updated May 20, 2024

17 Vulnerabilities

Premium Addons for Elementor <= 4.10.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via onClick Events
4.9
CVE-2024-0326
Feb 14, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.22 - Authenticated (Contributor+) Sensitive Information Exposure
5.3
CVE-2024-31278
Apr 5, 2024
Researcher: Khalid
Premium Addons for Elementor <= 4.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting
5.4
CVE-2024-4203
Apr 29, 2024
Researcher: Ngô Thiên An (ancorn_)
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
5.4
CVE-2024-2666
Apr 9, 2024
Researcher: wesley (wcraft)
Premium Addons for Elementor <=4.2.7 Contributor+ Stored Cross-Site Scripting
5.4
CVE-2021-24257
Apr 13, 2021
Researcher: Ram
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style'
6.4
CVE-2024-3647
Apr 24, 2024
Researcher: stealthcopter
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-3885
Apr 23, 2024
Researcher: Ngô Thiên An (ancorn_)
Premium Addons for Elementor <= 4.10.25 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-32791
Apr 22, 2024
Researcher: Ray Wilson
Premium Addons for Elementor <= 4.10.16 - Authenticated(Contributor+) Stored Cross-Site Scripting via Wrapper Link Widget
6.4
CVE-2024-0376
Apr 9, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-2664
Apr 9, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.23 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-2399
Mar 14, 2024
Researcher: wesley (wcraft)
Premium Addons for Elementor <= 4.10.17 - Authenticated(Contributor+) Stored Cross-Site Scripting via Link Wrapper
6.4
CVE-2024-0326
Mar 12, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner, Team Members, and Image Scroll Widgets
6.4
CVE-2024-1680
Feb 28, 2024
Researcher: Webbernaut
Premium Addons for Elementor <= 4.10.18 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-1242
Feb 14, 2024
Researcher: Nikolas
Premium Addons for Elementor <= 4.10.16 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-24831
Feb 2, 2024
Researcher: Abu Hurayra
Premium Addons for Elementor <= 4.10.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button
6.5
CVE-2024-2665
Apr 9, 2024
Researcher: Dau Hoang Tai
Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update
6.5
CVE ID Unknown
Aug 30, 2021
Researcher: WPScanTeam
Title Status CVE ID CVSS Researchers Date
Premium Addons for Elementor <= 4.10.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via onClick Events Patched CVE-2024-0326 4.9 Webbernaut February 14, 2024
Premium Addons for Elementor <= 4.10.22 - Authenticated (Contributor+) Sensitive Information Exposure Patched CVE-2024-31278 5.3 Khalid April 5, 2024
Premium Addons for Elementor <= 4.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-4203 5.4 Ngô Thiên An (ancorn_) April 29, 2024
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting Patched CVE-2024-2666 5.4 wesley (wcraft) April 9, 2024
Premium Addons for Elementor <=4.2.7 Contributor+ Stored Cross-Site Scripting Patched CVE-2021-24257 5.4 Ram April 13, 2021
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style' Patched CVE-2024-3647 6.4 stealthcopter April 24, 2024
Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-3885 6.4 Ngô Thiên An (ancorn_) April 23, 2024
Premium Addons for Elementor <= 4.10.25 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-32791 6.4 Ray Wilson April 22, 2024
Premium Addons for Elementor <= 4.10.16 - Authenticated(Contributor+) Stored Cross-Site Scripting via Wrapper Link Widget Patched CVE-2024-0376 6.4 Webbernaut April 9, 2024
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-2664 6.4 Webbernaut April 9, 2024
Premium Addons for Elementor <= 4.10.23 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-2399 6.4 wesley (wcraft) March 14, 2024
Premium Addons for Elementor <= 4.10.17 - Authenticated(Contributor+) Stored Cross-Site Scripting via Link Wrapper Patched CVE-2024-0326 6.4 Webbernaut March 12, 2024
Premium Addons for Elementor <= 4.10.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner, Team Members, and Image Scroll Widgets Patched CVE-2024-1680 6.4 Webbernaut February 28, 2024
Premium Addons for Elementor <= 4.10.18 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-1242 6.4 Nikolas February 14, 2024
Premium Addons for Elementor <= 4.10.16 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-24831 6.4 Abu Hurayra February 2, 2024
Premium Addons for Elementor <= 4.10.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Patched CVE-2024-2665 6.5 Dau Hoang Tai April 9, 2024
Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update Patched 6.5 WPScanTeam August 30, 2021

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation