VYPR

Spexo Addons for Elementor

by WordPress

CVEs (2)

  • CVE-2025-8208MedAug 24, 2025
    risk 0.35cvss 6.4epss 0.00

    The Spexo Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.0.23 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…

  • CVE-2024-13335MedJan 24, 2025
    risk 0.21cvss 4.3epss 0.00

    The Spexo Addons for Elementor – Free Elementor Addons, Widgets and Templates plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the tmpcoder_theme_install_func() function in all versions up to, and including, 1.0.14. This makes it…