| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-10172 | WPBakery Visual Composer WHMCS Elements <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via void_wbwhmcse_laouts_search Shortcode | voidcoders | Innovs WPBakery Visual Composer WHMCS Elements | Medium | 6.4 | 2024-11-21 02:06:45 | Deep Dive |
| CVE-2024-51912 | WordPress IntelliWidget Elements plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability | lilaeamedia | IntelliWidget Elements | Medium | 6.5 | 2024-11-19 16:31:01 | Deep Dive |
| CVE-2024-51927 | WordPress Rig Elements For Elementor plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | Asaduzzaman Abir | Rig Elements For Elementor | Medium | 6.5 | 2024-11-19 16:30:55 | Deep Dive |
| CVE-2024-10802 | Hash Elements <= 1.4.7 - Missing Authorization to Unauthenticated Draft Post Title Exposure | hashthemes | Hash Elements | Medium | 5.3 | 2024-11-13 03:20:06 | Deep Dive |
| CVE-2024-51589 | WordPress Bigmart Elements plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability | wpcirqle | Bigmart Elements | Medium | 6.5 | 2024-11-09 14:51:50 | Deep Dive |
| CVE-2024-51592 | WordPress Meta Store Elements plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability | Mystical Themes | Meta Store Elements | Medium | 6.5 | 2024-11-09 14:47:42 | Deep Dive |
| CVE-2024-10329 | Ultimate Bootstrap Elements for Elementor <= 1.4.6 - Authenticated (Contributor+) Sensitive Information Exposure | g5theme | Ultimate Bootstrap Elements for Elementor | Medium | 4.3 | 2024-11-05 13:55:29 | Deep Dive |
| CVE-2024-47361 | WordPress Elementor Addon Elements plugin <= 1.13.6 - Broken Access Control vulnerability | WPVibes | Elementor Addon Elements | Medium | 6.5 | 2024-11-01 14:17:03 | Deep Dive |
| CVE-2024-49693 | WordPress Mega Elements – Addons for Elementor plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability | Kraft Plugins | Mega Elements | Medium | 6.5 | 2024-10-24 12:41:55 | Deep Dive |
| CVE-2024-49271 | WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.121 - Remote Code Execution (RCE) vulnerability | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Critical | 9.1 | 2024-10-16 12:55:41 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-8902 | Elementor Addon Elements <= 1.13.8 - Authenticated (Contributor+) Sensitive Information Exposure via table_saved_sections | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 4.3 | 2024-10-12 09:39:17 | Deep Dive |
| CVE-2024-45454 | WordPress Unlimited Elements for Elementor plugin <= 1.5.121 - Reflected Cross Site Scripting (XSS) vulnerability | Unlimited Elements | Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | High | 7.1 | 2024-10-06 11:47:25 | Deep Dive |
| CVE-2024-47343 | WordPress Mega Elements – Addons for Elementor plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability | Kraft Plugins | Mega Elements | Medium | 6.5 | 2024-10-06 10:46:32 | Deep Dive |
| CVE-2024-47366 | WordPress Elementor Addon Elements plugin <= 1.13.6 - Cross Site Scripting (XSS) vulnerability | WPVibes | Elementor Addon Elements | Medium | 6.5 | 2024-10-06 09:45:19 | Deep Dive |
| CVE-2024-7122 | Elementor Addon Elements <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 6.4 | 2024-08-30 09:29:48 | Deep Dive |
| CVE-2024-4401 | Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id and eae_slider_animation Parameters | wpvibes | Addon Elements for Elementor (formerly Elementor Addon Elements) | Medium | 6.4 | 2024-08-30 03:24:17 | Deep Dive |
| CVE-2024-43140 | WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.4 - Local File Inclusion vulnerability | G5Theme | Ultimate Bootstrap Elements for Elementor | High | 7.5 | 2024-08-13 11:36:56 | Deep Dive |
| CVE-2024-43123 | WordPress Card Elements for Elementor plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability | Techeshta | Card Elements for Elementor | Medium | 6.5 | 2024-08-12 22:39:20 | Deep Dive |
| CVE-2024-37466 | WordPress Mega Elements plugin <= 1.2.2 - Contributor+ Cross Site Scripting (XSS) vulnerability | Kraftplugins | Mega Elements | Medium | 6.5 | 2024-07-21 21:22:43 | Deep Dive |