Vulnerabilities > Wpdeveloper

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2024-8978 Unspecified vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.9 via the 'init_content_register_user_email_controls' function.
network
low complexity
wpdeveloper
5.7
2024-11-15 CVE-2024-8979 Unspecified vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.9 via the 'init_content_lostpassword_user_email_controls' function.
network
low complexity
wpdeveloper
5.7
2024-11-15 CVE-2024-8961 Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nomore_items_text’ parameter in all versions up to, and including, 6.0.7 due to insufficient input sanitization and output escaping.
network
low complexity
wpdeveloper CWE-79
5.4
2024-11-04 CVE-2024-51672 SQL Injection vulnerability in Wpdeveloper Betterlinks
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPDeveloper BetterLinks allows SQL Injection.This issue affects BetterLinks: from n/a through 2.1.7.
network
low complexity
wpdeveloper CWE-89
7.2
2024-11-01 CVE-2024-43323 Unspecified vulnerability in Wpdeveloper Reviewx
Missing Authorization vulnerability in ReviewX ReviewX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ReviewX: from n/a through 1.6.28.
network
low complexity
wpdeveloper
critical
9.8
2024-10-28 CVE-2024-50461 Cross-site Scripting vulnerability in Wpdeveloper Embedpress
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4.0.14.
network
low complexity
wpdeveloper CWE-79
5.4
2024-09-13 CVE-2024-8742 Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 6.0.3 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
wpdeveloper CWE-79
5.4
2024-09-11 CVE-2024-8440 Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in all versions up to, and including, 6.0.3 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
wpdeveloper CWE-79
5.4
2024-08-29 CVE-2024-43936 Cross-site Scripting vulnerability in Wpdeveloper Embedpress
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4.0.8.
network
low complexity
wpdeveloper CWE-79
5.4
2024-08-13 CVE-2024-43129 Path Traversal vulnerability in Wpdeveloper Betterdocs
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper BetterDocs allows PHP Local File Inclusion.This issue affects BetterDocs: from n/a through 3.5.8.
network
low complexity
wpdeveloper CWE-22
8.8