VYPR

Pro Addons For Elementor

by WordPress

Source repositories

CVEs (2)

  • CVE-2021-24948HigJan 10, 2022
    risk 0.49cvss 7.5epss 0.02

    The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts

  • CVE-2024-51812MedNov 19, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasim Pro Addons For Elementor pro-addons-for-elementor allows Stored XSS.This issue affects Pro Addons For Elementor: from n/a through <= 1.5.0.