Vulnerabilities > Wpdeveloper > Essential Addons FOR Elementor > 5.8.7

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2024-0954 Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting through editing context via the 'data-eael-wrapper-link' wrapper in all versions up to, and including, 5.9.7 due to insufficient input sanitization and output escaping on user supplied protocols.
network
low complexity
wpdeveloper CWE-79
5.4
5.4
2024-01-04 CVE-2023-7044 Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom ID in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping.
network
low complexity
wpdeveloper CWE-79
5.4
5.4