Vulnerabilities > Exclusiveaddons > Exclusive Addons FOR Elementor > 1.1.6

DATE	CVE	VULNERABILITY TITLE	RISK
2024-05-02	CVE-2024-2750	Cross-site Scripting vulnerability in Exclusiveaddons Exclusive Addons for Elementor The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attribute of the Button widget in all versions up to, and including, 2.6.9.3 due to insufficient input sanitization and output escaping. network low complexity exclusiveaddons CWE-79	5.4
2024-05-02	CVE-2024-2751	Cross-site Scripting vulnerability in Exclusiveaddons Exclusive Addons for Elementor The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘exad_infobox_animating_mask_style’ parameter in all versions up to, and including, 2.6.9.2 due to insufficient input sanitization and output escaping. network low complexity exclusiveaddons CWE-79	5.4
2024-05-02	CVE-2024-3489	Cross-site Scripting vulnerability in Exclusiveaddons Exclusive Addons for Elementor The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the Countdown Expired Title in all versions up to, and including, 2.6.9.4 due to insufficient input sanitization and output escaping. network low complexity exclusiveaddons CWE-79	5.4
2024-05-02	CVE-2024-3985	Cross-site Scripting vulnerability in Exclusiveaddons Exclusive Addons for Elementor The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Call to Action widget in all versions up to, and including, 2.6.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity exclusiveaddons CWE-79	5.4
2024-03-13	CVE-2024-1234	Cross-site Scripting vulnerability in Exclusiveaddons Exclusive Addons for Elementor The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via data attribute in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. network low complexity exclusiveaddons CWE-79	5.4
2024-03-13	CVE-2024-1413	Cross-site Scripting vulnerability in Exclusiveaddons Exclusive Addons for Elementor The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer widget in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. network low complexity exclusiveaddons CWE-79	5.4
2024-03-13	CVE-2024-1414	Cross-site Scripting vulnerability in Exclusiveaddons Exclusive Addons for Elementor The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Call To Action widget in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. network low complexity exclusiveaddons CWE-79	5.4
2024-03-13	CVE-2024-2028	Cross-site Scripting vulnerability in Exclusiveaddons Exclusive Addons for Elementor The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Covid-19 Stats Widget in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. network low complexity exclusiveaddons CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.