Vulnerabilities > Wpmet
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-06 | CVE-2024-33570 | Unspecified vulnerability in Wpmet Metform Elementor Contact Form Builder Missing Authorization vulnerability in Wpmet Metform Elementor Contact Form Builder.This issue affects Metform Elementor Contact Form Builder: from n/a through 3.8.3. | 8.8 |
| 2024-05-02 | CVE-2024-3650 | Cross-site Scripting vulnerability in Wpmet Elements KIT Elementor Addons The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Accordion widget in all versions 3.0.7 through 3.1.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-04-22 | CVE-2024-32684 | Unspecified vulnerability in Wpmet WP Ultimate Review Missing Authorization vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5. | 7.5 |
| 2024-04-19 | CVE-2024-32683 | Unspecified vulnerability in Wpmet WP Ultimate Review Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5. | 7.5 |
| 2024-04-19 | CVE-2024-3598 | Cross-site Scripting vulnerability in Wpmet Elementskit The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Creative Button widget in all versions up to, and including, 3.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-04-17 | CVE-2024-32505 | Unspecified vulnerability in Wpmet Elements KIT Elementor Addons Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wpmet Elements kit Elementor addons allows Stored XSS.This issue affects Elements kit Elementor addons: from n/a through 3.0.6. | 5.4 |
| 2024-04-04 | CVE-2024-2803 | Cross-site Scripting vulnerability in Wpmet Elements KIT Elementor Addons The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-04-02 | CVE-2024-2791 | Cross-site Scripting vulnerability in Wpmet Metform Elementor Contact Form Builder The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 3.8.5 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-03-30 | CVE-2024-1238 | Cross-site Scripting vulnerability in Wpmet Elements KIT Elementor Addons The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button ID parameter in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-03-16 | CVE-2023-6525 | Cross-site Scripting vulnerability in Wpmet Elementskit Elementor Addons The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the progress bar element attributes in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping. | 4.8 |