Vulnerabilities > Wpdeveloper > Essential Addons FOR Elementor > 5.1.6

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2024-0954 Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting through editing context via the 'data-eael-wrapper-link' wrapper in all versions up to, and including, 5.9.7 due to insufficient input sanitization and output escaping on user supplied protocols.
network
low complexity
wpdeveloper CWE-79
5.4
5.4
2024-01-04 CVE-2023-7044 Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom ID in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping.
network
low complexity
wpdeveloper CWE-79
5.4
5.4
2023-11-18 CVE-2023-32245 Unspecified vulnerability in Wpdeveloper Essential Addons for Elementor
Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Essential Addons for Elementor Pro.This issue affects Essential Addons for Elementor Pro: from n/a through 5.4.8.
network
low complexity
wpdeveloper
8.8
8.8
2023-08-29 CVE-2023-32241 Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor
Unauth.
network
low complexity
wpdeveloper CWE-79
6.1
6.1