Vulnerabilities > Wpdeveloper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-09 | CVE-2024-31274 | Unspecified vulnerability in Wpdeveloper Embedpress Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.11. | 5.3 |
| 2024-06-09 | CVE-2024-30467 | Unspecified vulnerability in Wpdeveloper Essential Blocks Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through 4.4.9. | 8.8 |
| 2024-06-07 | CVE-2024-5612 | Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eael_lightbox_open_btn_icon’ parameter within the Lightbox & Modal widget in all versions up to, and including, 5.8.15 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-06-06 | CVE-2024-5188 | Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'get_manual_calendar_events' function in all versions up to, and including, 5.9.22 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-06-05 | CVE-2024-5571 | Cross-site Scripting vulnerability in Wpdeveloper Embedpress The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute within the plugin's EmbedPress PDF widget in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-05-30 | CVE-2024-5073 | Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter Feed component in all versions up to, and including, 5.9.21 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-05-14 | CVE-2024-4624 | Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugins for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eael_ext_toc_title_tag’ parameter in versions up to, and including, 5.9.20 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-05-14 | CVE-2024-4275 | Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Interactive Circle widget in all versions up to, and including, 5.9.19 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-05-14 | CVE-2024-4316 | Cross-site Scripting vulnerability in Wpdeveloper Embedpress The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.9.16 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-05-14 | CVE-2024-4448 | Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table' widgets in all versions up to, and including, 5.9.19 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.1 |