Vulnerabilities > Themesflat > Themesflat Addons FOR Elementor > 1.0.1

DATE CVE VULNERABILITY TITLE RISK
2025-01-08 CVE-2024-12205 Cross-site Scripting vulnerability in Themesflat Addons for Elementor
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF E Slider Widget in all versions up to, and including, 2.2.4 due to insufficient input sanitization and output escaping.
network
low complexity
themesflat CWE-79
5.4
5.4
2024-12-06 CVE-2024-53796 Cross-site Scripting vulnerability in Themesflat Addons for Elementor
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesflat Themesflat Addons For Elementor allows DOM-Based XSS.This issue affects Themesflat Addons For Elementor: from n/a through 2.2.2.
network
low complexity
themesflat CWE-79
5.4
5.4
2024-10-17 CVE-2024-49310 Cross-site Scripting vulnerability in Themesflat Addons for Elementor
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themesflat Themesflat Addons For Elementor allows Stored XSS.This issue affects Themesflat Addons For Elementor: from n/a through 2.2.0.
network
low complexity
themesflat CWE-79
5.4
5.4