Vulnerabilities > Cleversoft > Clever Addons FOR Elementor > 1.2.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-2350 | Cross-site Scripting vulnerability in Cleversoft Clever Addons for Elementor The Clever Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CAFE Icon, CAFE Team Member, and CAFE Slider widgets in all versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping. | 5.4 |
| 2021-05-05 | CVE-2021-24273 | Unspecified vulnerability in Cleversoft Clever Addons for Elementor The “Clever Addons for Elementor” WordPress Plugin before 2.1.0 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method. | 5.4 |