Vulnerabilities > Posimyth > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-01 | CVE-2024-43932 | Missing Authorization vulnerability in Posimyth the Plus Addons for Elementor Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.6.2. | 8.8 |
| 2024-06-21 | CVE-2024-5455 | Unspecified vulnerability in Posimyth the Plus Addons for Elementor The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.5.4 via the 'magazine_style' parameter within the Dynamic Smart Showcase widget. | 8.8 |
| 2024-06-09 | CVE-2024-33572 | Unspecified vulnerability in Posimyth Nexter Blocks Missing Authorization vulnerability in POSIMYTH The Plus Blocks for Block Editor | Gutenberg.This issue affects The Plus Blocks for Block Editor | Gutenberg: from n/a through 3.2.5. | 8.8 |
| 2023-12-29 | CVE-2023-45751 | Unspecified vulnerability in Posimyth Nexter Extension 2.0.3 Improper Control of Generation of Code ('Code Injection') vulnerability in POSIMYTH Nexter Extension.This issue affects Nexter Extension: from n/a through 2.0.3. | 7.2 |
| 2023-03-07 | CVE-2021-4331 | Unspecified vulnerability in Posimyth the Plus Addons for Elementor The Plus Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 4.1.9 (pro) and 2.0.6 (free). | 8.8 |
| 2022-01-10 | CVE-2021-24948 | Injection vulnerability in Posimyth the Plus Addons for Elementor The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts | 7.5 |