Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Exclusive Addons for Elementor — Vulnerabilities & Security Advisories 18

All 18 CVE vulnerabilities found in Exclusive Addons for Elementor, with AI-generated Chinese analysis, references, and POCs.

Vendor: DevsCred

CVE IDTitleCVSSSeverityPaused
CVE-2025-7498 Exclusive Addons for Elementor <= 2.7.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown CWE-79 6.4 Medium2025-08-06
CVE-2025-4783 Exclusive Addons for Elementor <= 2.7.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget CWE-79 6.4 Medium2025-05-26
CVE-2025-1571 Exclusive Addons for Elementor <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Image Comparison Widgets CWE-79 6.4 Medium2025-02-28
CVE-2024-10312 Exclusive Addons for Elementor <= 2.7.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates CWE-200 4.3 Medium2024-10-29
CVE-2024-5332 Exclusive Addons for Elementor <= 2.6.9.8 - Authenticated (Contibutor+) Stored Cross-Site Scripting via Card Widget CWE-79 6.4 Medium2024-06-26
CVE-2024-4618 Exclusive Addons for Elementor <= 2.6.9.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Widget CWE-79 6.4 Medium2024-05-15
CVE-2024-2751 Exclusive Addons for Elementor <= 2.6.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via InfoBox CWE-20 6.4 Medium2024-05-02
CVE-2024-3489 Exclusive Addons for Elementor <= 2.6.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Expired Title CWE-79 6.4 Medium2024-05-02
CVE-2024-2750 Exclusive Addons for Elementor <= 2.6.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget CWE-87 6.4 Medium2024-05-02
CVE-2024-2503 Exclusive Addons for Elementor <= 2.6.9.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via Post Grid CWE-79 6.4 Medium2024-05-02
CVE-2024-3985 Exclusive Addons for Elementor <= 2.6.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action CWE-79 6.4 Medium2024-05-02
CVE-2024-1413 Exclusive Addons for Elementor <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget CWE-79 6.4 Medium2024-03-13
CVE-2024-2028 Exclusive Addons for Elementor <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Covid-19 Stats Widget CWE-79 6.4 Medium2024-03-13
CVE-2024-1414 Exclusive Addons for Elementor <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call To Action Widget CWE-79 6.4 Medium2024-03-13
CVE-2024-1234 Exclusive Addons for Elementor <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-03-13
CVE-2024-0823 Exclusive Addons for Elementor <= 2.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 5.4 Medium2024-02-05
CVE-2024-0824 Exclusive Addons for Elementor <= 2.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Link Anything CWE-79 6.4 Medium2024-01-27
CVE-2022-45067 WordPress Exclusive Addons Elementor Plugin <= 2.6.1 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352 4.3 Medium2023-02-02

All 18 known CVE vulnerabilities affecting Exclusive Addons for Elementor with full Chinese analysis, references, and POCs where available.