Vulnerabilities > Wpvibes > Elementor Addon Elements > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-30 CVE-2024-7122 Cross-site Scripting vulnerability in Wpvibes Elementor Addon Elements
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
wpvibes CWE-79
5.4
2024-08-30 CVE-2024-4401 Cross-site Scripting vulnerability in Wpvibes Elementor Addon Elements
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ and 'eae_slider_animation' parameters in all versions up to, and including, 1.13.5 due to insufficient input sanitization and output escaping.
network
low complexity
wpvibes CWE-79
5.4
2024-06-12 CVE-2024-2092 Cross-site Scripting vulnerability in Wpvibes Elementor Addon Elements
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Twitter Widget in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
wpvibes CWE-79
5.4