Vulnerabilities > Nicheaddons > Charity Addon FOR Elementor > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-03	CVE-2024-12062	Authorization Bypass Through User-Controlled Key vulnerability in Nicheaddons Charity Addon for Elementor The Charity Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.2 via the 'nacharity_elementor_template' shortcode due to insufficient restrictions on which posts can be included. network low complexity nicheaddons CWE-639	4.3
2024-11-19	CVE-2024-51938	Cross-site Scripting vulnerability in Nicheaddons Charity Addon for Elementor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Charity Addon for Elementor allows DOM-Based XSS.This issue affects Charity Addon for Elementor: from n/a through 1.3.2. network low complexity nicheaddons CWE-79	5.4
2024-10-06	CVE-2024-44026	Cross-site Scripting vulnerability in Nicheaddons Charity Addon for Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Charity Addon for Elementor allows Stored XSS.This issue affects Charity Addon for Elementor: from n/a through 1.3.0. network low complexity nicheaddons CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.