Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Addon Elements for Elementor (formerly Elementor Addon Elements) — Vulnerabilities & Security Advisories 20

All 20 CVE vulnerabilities found in Addon Elements for Elementor (formerly Elementor Addon Elements), with AI-generated Chinese analysis, references, and POCs.

Vendor: wpvibes

CVE IDTitleCVSSSeverityPublished
CVE-2025-12537 Addon Elements for Elementor <= 1.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2025-12-14
CVE-2024-13215 Elementor Addon Elements <= 1.13.10 - Authenticated (Contributor+) Sensitive Information Exposure via Modal Popup CWE-359 4.3 Medium2025-01-15
CVE-2024-8902 Elementor Addon Elements <= 1.13.8 - Authenticated (Contributor+) Sensitive Information Exposure via table_saved_sections CWE-200 4.3 Medium2024-10-12
CVE-2024-7122 Elementor Addon Elements <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets CWE-79 6.4 Medium2024-08-30
CVE-2024-4401 Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id and eae_slider_animation Parameters CWE-79 6.4 Medium2024-08-30
CVE-2024-4570 Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-06-27
CVE-2024-4569 Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-06-27
CVE-2024-2092 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget CWE-79 5.4 Medium2024-06-12
CVE-2024-3743 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-05-02
CVE-2024-2792 Elementor Addon Elements <= 1.13.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'Text Separator' and 'Image Compare' Widget CWE-79 6.4 Medium2024-04-09
CVE-2024-2091 Elementor Addon Elements <= 1.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 5.4 Medium2024-03-28
CVE-2024-1393 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Switcher Widget CWE-79 6.4 Medium2024-03-13
CVE-2024-1391 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Thumbnail Slider Widget CWE-79 6.4 Medium2024-03-13
CVE-2024-1422 Elementor Addon Elements <= 1.12.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Modal Popup effet CWE-79 6.4 Medium2024-03-13
CVE-2024-1392 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Dual Button Widget CWE-79 6.4 Medium2024-03-13
CVE-2024-1358 Elementor Addon Elements <= 1.12.12 - Directory Traversal to Local File Inclusion CWE-22 8.8 High2024-03-13
CVE-2023-5381 Elementor Addon Elements <= 1.12.7 - Authenticated (Administrator+) Stored Cross-Site Scripting CWE-79 4.4 Medium2023-11-15
CVE-2023-4690 Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery CWE-352 5.4 Medium2023-11-15
CVE-2023-4689 Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery CWE-352 5.4 Medium2023-11-15
CVE-2023-4723 Elementor Addon Elements <= 1.12.7 - Missing Authorization to Sensitive Information Exposure CWE-862 5.3 Medium2023-11-15

All 20 known CVE vulnerabilities affecting Addon Elements for Elementor (formerly Elementor Addon Elements) with full Chinese analysis, references, and POCs where available.