VYPR

Essential Addons For Elementor

by Wpdeveloper

Source repositories

CVEs (43)

  • CVE-2024-4156MedMay 2, 2024
    risk 0.35cvss 6.4epss 0.01

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eael_event_text_color’ parameter in versions up to, and including, 5.9.17 due to insufficient…

  • CVE-2024-3728MedMay 2, 2024
    risk 0.35cvss 6.4epss 0.01

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery & Interactive Circle widgets in all versions up to, and including, 5.9.15…

  • CVE-2024-3333MedApr 17, 2024
    risk 0.35cvss 6.4epss 0.00

    The Essential Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attributes of widgets in all versions up to, and including, 5.9.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…

  • CVE-2024-1537MedMar 13, 2024
    risk 0.35cvss 6.4epss 0.00

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Data Table widget in all versions up to, and including, 5.9.9 due to insufficient input…

  • CVE-2024-1236MedFeb 29, 2024
    risk 0.35cvss 6.4epss 0.00

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Filterable Controls label icon parameter in all versions up to, and including, 5.9.8 due to…

  • CVE-2024-1172MedFeb 29, 2024
    risk 0.35cvss 5.4epss 0.00

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Accordion widget in all versions up to, and including, 5.9.8 due to insufficient input…

  • CVE-2024-0954MedFeb 5, 2024
    risk 0.35cvss 6.4epss 0.00

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting through editing context via the 'data-eael-wrapper-link' wrapper in all versions up to, and including, 5.9.7…

  • CVE-2024-0586MedFeb 5, 2024
    risk 0.35cvss 6.4epss 0.00

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Login/Register Element in all versions up to, and including, 5.9.4 due to insufficient input…

  • CVE-2023-7044MedJan 4, 2024
    risk 0.35cvss 6.4epss 0.00

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom ID in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output…

  • CVE-2023-32245MedNov 18, 2023
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Essential Addons for Elementor Pro.This issue affects Essential Addons for Elementor Pro: from n/a through 5.4.8.

  • CVE-2026-23543MedFeb 19, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through <= 6.5.5.

  • CVE-2023-3779MedJul 20, 2023
    risk 0.34cvss 5.3epss 0.00

    The Essential Addons For Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 5.8.1 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for…

  • CVE-2025-39589MedApr 16, 2025
    risk 0.28cvss 4.3epss 0.00

    Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Retrieve Embedded Sensitive Data.This issue affects Essential Addons for Elementor: from n/a through…

  • CVE-2024-1171MedFeb 29, 2024
    risk 0.28cvss 5.4epss 0.00

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery Widget in all versions up to, and including, 5.9.8 due to insufficient…

  • CVE-2024-0585MedFeb 5, 2024
    risk 0.28cvss 5.4epss 0.00

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 5.9.4 due to insufficient…

  • CVE-2024-3733MedApr 25, 2024
    risk 0.27cvss 5.3epss 0.01

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajax_load_more() , eael_woo_pagination_product_ajax(),…

  • CVE-2024-2974MedApr 9, 2024
    risk 0.27cvss 5.3epss 0.01

    The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 5.9.13 via the load_more function. This can allow unauthenticated…

  • CVE-2025-64352LowOct 31, 2025
    risk 0.18cvss 2.7epss 0.00

    Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through <= 6.2.4.

  • CVE-2023-32243May 12, 2023
    risk 0.07cvss epss 0.76

    Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.

  • CVE-2025-69092Dec 30, 2025
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows DOM-Based XSS.This issue affects Essential Addons for Elementor: from n/a through <= 6.5.3.