VYPR

Addons For Elementor

by Livemeshelementor

Source repositories

CVEs (30)

  • CVE-2025-8208MedAug 24, 2025
    risk 0.35cvss 6.4epss 0.00

    The Spexo Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.0.23 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…

  • CVE-2025-5292MedMay 31, 2025
    risk 0.35cvss 6.4epss 0.00

    The Element Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks, Widgets and WooCommerce Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content’ parameter in all versions up to, and including, 5.11.2 due…

  • CVE-2024-8858MedSep 25, 2024
    risk 0.35cvss 6.4epss 0.00

    The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechart_settings’ parameter in all versions up to, and including, 8.5 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2024-2539MedApr 10, 2024
    risk 0.35cvss 6.4epss 0.00

    The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget '_id' attributes in all versions up to, and including, 8.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…

  • CVE-2024-1466MedApr 9, 2024
    risk 0.35cvss 6.4epss 0.00

    The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slider_style’ attribute of the Posts Multislider widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This…

  • CVE-2024-1465MedApr 9, 2024
    risk 0.35cvss 6.4epss 0.00

    The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘carousel_skin’ attribute of the Posts Carousel widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This…

  • CVE-2024-1464MedApr 9, 2024
    risk 0.35cvss 6.4epss 0.00

    The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Posts Slider widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it…

  • CVE-2024-1461MedApr 9, 2024
    risk 0.35cvss 6.4epss 0.00

    The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Team Members widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it…

  • CVE-2024-1458MedApr 9, 2024
    risk 0.35cvss 6.4epss 0.00

    The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘text_alignment’ attribute of the Animated Text widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This…

  • CVE-2025-11536MedOct 20, 2025
    risk 0.33cvss 5.0epss 0.00

    The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wp_ajax_import_elementor_template action. This makes it possible for authenticated attackers, with Subscriber-level…

Page 2 of 2