Vulnerabilities > Bdthemes > Element Pack > 3.0.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-01 | CVE-2024-2455 | Cross-site Scripting vulnerability in Bdthemes Element Pack The Element Pack - Addon for Elementor Page Builder WordPress Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget wrapper link URL in all versions up to, and including, 7.9.0 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-06-04 | CVE-2024-33568 | Path Traversal vulnerability in Bdthemes Element Pack Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Deserialization of Untrusted Data vulnerability in BdThemes Element Pack Pro allows Path Traversal, Object Injection.This issue affects Element Pack Pro: from n/a before 7.19.3. | 6.5 |
| 2024-04-06 | CVE-2024-0837 | Cross-site Scripting vulnerability in Bdthemes Element Pack The Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image URL parameter in all versions up to, and including, 5.3.2 due to insufficient input sanitization and output escaping. | 5.4 |