1.4.8

DATE	CVE	VULNERABILITY TITLE	RISK
2025-04-26	CVE-2024-13808	Code Injection vulnerability in Wpxpro Xpro Addons for Elementor The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the custom PHP widget. network low complexity wpxpro CWE-94	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.