VYPR

Royal Elementor Addons

by Royal Elementor Addons

Source repositories

CVEs (67)

  • CVE-2025-0393Jan 14, 2025
    risk 0.00cvss epss 0.00

    The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1006. This is due to missing or incorrect nonce validation on the wpr_filter_grid_posts() function. This makes it possible for…

  • CVE-2024-9682Nov 13, 2024
    risk 0.00cvss epss 0.00

    The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Form Builder widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping on user supplied attributes.…

  • CVE-2024-9668Nov 13, 2024
    risk 0.00cvss epss 0.00

    The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping on user supplied attributes.…

  • CVE-2024-9059Nov 13, 2024
    risk 0.00cvss epss 0.00

    The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2024-7417Oct 17, 2024
    risk 0.00cvss epss 0.00

    The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.986 via the data_fetch. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract data from…

  • CVE-2024-8482Oct 8, 2024
    risk 0.00cvss epss 0.00

    The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 1.3.982 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2024-7122Aug 30, 2024
    risk 0.00cvss epss 0.00

    The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for…

Page 4 of 4