浏览 62+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-9703 | Ultimate Addons for Elementor Lite < 2.5.0 - Author+ Stored XSS | Unknown | Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) | - | - | 2025-10-06 06:00:05 | Deep Dive |
| CVE-2025-8100 | Element Pack Elementor Addons and Templates <= 8.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map Widget Marker Content | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 5.4 | 2025-08-06 03:40:59 | Deep Dive |
| CVE-2025-8488 | Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) <= 2.4.6 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update | brainstormforce | Ultimate Addons for Elementor | Medium | 4.3 | 2025-08-02 09:23:32 | Deep Dive |
| CVE-2025-6228 | Sina Extension for Elementor <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via `Sina Posts`, `Sina Blog Post` and `Sina Table` Widgets | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2025-08-01 11:18:56 | Deep Dive |
| CVE-2025-8196 | Magical Addons For Elementor <= 1.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes | nalam-1 | Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) | Medium | 6.4 | 2025-07-29 09:23:46 | Deep Dive |
| CVE-2024-12851 | Element Pack Lite - Addons for Elementor <= 5.10.14 - Authenticated (Contributor+) Stored Cross-Site Scripting | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2025-01-08 06:41:38 | Deep Dive |
| CVE-2024-11230 | Elementor Header & Footer Builder <= 1.6.46 - Authenticated (Contributor+) Stored Cross-Site Scripting via Page Title Widget | brainstormforce | Ultimate Addons for Elementor | Medium | 6.4 | 2024-12-23 04:23:13 | Deep Dive |
| CVE-2024-11852 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.10.12 - Missing Authorization | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 4.3 | 2024-12-22 01:42:00 | Deep Dive |
| CVE-2024-9058 | Element Pack Elementor Addons <= 5.10.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Lightbox Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-12-03 06:50:54 | Deep Dive |
| CVE-2024-10980 | Element Pack Elementor Addons < 5.10.3 - Contributor+ Stored XSS | Unknown | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) | 中危 | - | 2024-11-29 06:00:08 | Deep Dive |
| CVE-2024-10493 | Element Pack Elementor Addons < 5.10.3 - Contributor+ Stored XSS | Unknown | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) | - | - | 2024-11-28 06:00:08 | Deep Dive |
| CVE-2024-10696 | UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) <= 1.1.8 - Insecure Direct Object Reference to Sensitive Information Exposure via UA_Template Shortcode | codersaiful | UltraAddons for Elementor | Medium | 4.3 | 2024-11-21 02:06:36 | Deep Dive |
| CVE-2024-10794 | Boostify Header Footer Builder for Elementor <= 1.3.6 - Authenticated (Contributor+) Post Disclosure | duongancol | Boostify Header Footer Builder for Elementor | Medium | 4.3 | 2024-11-13 03:20:06 | Deep Dive |
| CVE-2024-51629 | WordPress Header Footer Composer for Elementor plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability | MetricThemes | Header Footer Composer for Elementor | Medium | 6.5 | 2024-11-09 13:39:49 | Deep Dive |
| CVE-2024-10352 | Magical Addons For Elementor <= 1.2.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template | nalam-1 | Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) | Medium | 4.3 | 2024-11-09 11:38:26 | Deep Dive |
| CVE-2024-10325 | Elementor Header & Footer Builder <= 1.6.45 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | brainstormforce | Ultimate Addons for Elementor | Medium | 6.4 | 2024-11-08 11:31:07 | Deep Dive |
| CVE-2024-9867 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.10.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Map Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 5.4 | 2024-11-05 11:32:22 | Deep Dive |
| CVE-2024-9657 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.10.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.5 | 2024-11-05 11:32:21 | Deep Dive |
| CVE-2024-9868 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 5.4 | 2024-11-02 02:03:09 | Deep Dive |
| CVE-2024-10310 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.10.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Custom Gallery Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-11-02 02:03:05 | Deep Dive |