VYPR

Premium Addons PRO

by WordPress

CVEs (4)

  • CVE-2023-34012HigJun 23, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions.

  • CVE-2024-1997MedMar 13, 2024
    risk 0.42cvss 6.4epss 0.00

    The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'premium_fbchat_app_id' parameter of the Messenger Chat Widget in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping. This makes it…

  • CVE-2024-1996MedMar 13, 2024
    risk 0.42cvss 6.4epss 0.00

    The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's IHover widget link in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…

  • CVE-2023-37868MedNov 30, 2023
    risk 0.42cvss 6.5epss 0.01

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0.