Vulnerabilities > Wpdeveloper

DATE CVE VULNERABILITY TITLE RISK
2025-03-08 CVE-2025-1664 Cross-site Scripting vulnerability in Wpdeveloper Essential Blocks
The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Parallax slider in all versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping.
network
low complexity
wpdeveloper CWE-79
5.4
2024-12-31 CVE-2024-56063 Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through 6.0.7.
network
low complexity
wpdeveloper CWE-79
5.4
2024-12-09 CVE-2023-47760 Missing Authorization vulnerability in Wpdeveloper Essential Blocks
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through 4.2.0.
network
low complexity
wpdeveloper CWE-862
8.8
2024-12-09 CVE-2023-51359 Missing Authorization vulnerability in Wpdeveloper Essential Blocks
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through 4.2.0.
network
low complexity
wpdeveloper CWE-862
8.8
2024-12-09 CVE-2023-51360 Missing Authorization vulnerability in Wpdeveloper Essential Blocks
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through 4.2.0.
network
low complexity
wpdeveloper CWE-862
8.8
2024-11-15 CVE-2024-8978 Unspecified vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.9 via the 'init_content_register_user_email_controls' function.
network
low complexity
wpdeveloper
5.7
2024-11-15 CVE-2024-8979 Unspecified vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.9 via the 'init_content_lostpassword_user_email_controls' function.
network
low complexity
wpdeveloper
5.7
2024-11-15 CVE-2024-8961 Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nomore_items_text’ parameter in all versions up to, and including, 6.0.7 due to insufficient input sanitization and output escaping.
network
low complexity
wpdeveloper CWE-79
5.4
2024-11-04 CVE-2024-51672 SQL Injection vulnerability in Wpdeveloper Betterlinks
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPDeveloper BetterLinks allows SQL Injection.This issue affects BetterLinks: from n/a through 2.1.7.
network
low complexity
wpdeveloper CWE-89
7.2
2024-11-01 CVE-2024-38707 Missing Authorization vulnerability in Wpdeveloper Embedpress
Missing Authorization vulnerability in WPDeveloper EmbedPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EmbedPress: from n/a through 4.0.4.
network
low complexity
wpdeveloper CWE-862
8.8