Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Happy Addons for Elementor — Vulnerabilities & Security Advisories 39

All 39 CVE vulnerabilities found in Happy Addons for Elementor, with AI-generated Chinese analysis, references, and POCs.

Vendor: weDevs

CVE IDTitleCVSSSeverityPaused
CVE-2026-2917 Happy Addons for Elementor <= 3.21.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Post Duplication via 'post_id' Parameter CWE-639 5.4 Medium2026-03-11
CVE-2026-2918 Happy Addons for Elementor <= 3.21.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Stored Cross-Site Scripting via Template Conditions CWE-639 6.4 Medium2026-03-11
CVE-2026-1210 Happy Addons for Elementor <= 3.20.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field CWE-79 6.4 Medium2026-02-03
CVE-2025-68999 WordPress Happy Addons for Elementor plugin <= 3.20.4 - SQL Injection vulnerability CWE-89 8.5 High2026-01-22
CVE-2025-14635 Happy Addons for Elementor <= 3.20.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS CWE-79 6.4 Medium2025-12-23
CVE-2025-63077 WordPress Happy Addons for Elementor plugin <= 3.20.3 - Broken Access Control vulnerability CWE-862 4.3 Medium2025-12-09
CVE-2025-30766 WordPress Happy Addons for Elementor plugin <= 3.16.2 - Cross Site Scripting (XSS) Vulnerability CWE-79 6.5 Medium2025-03-27
CVE-2024-12852 Happy Addons for Elementor <= 3.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2025-01-08
CVE-2024-10538 Happy Addons for Elementor <= 3.12.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison CWE-79 6.4 Medium2024-11-12
CVE-2024-48045 WordPress Happy Elementor Addons plugin <= 3.12.3 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-11-01
CVE-2024-47357 WordPress Happy Addons for Elementor plugin <= 3.12.0 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2024-10-06
CVE-2024-8801 Happy Addons for Elementor <= 3.12.2 - Authenticated (Contributor+) Sensitive Information Exposure CWE-200 4.3 Medium2024-09-24
CVE-2024-6627 Happy Addons for Elementor <= 3.11.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via PDF View Widget CWE-79 6.4 Medium2024-07-27
CVE-2024-5790 Happy Addons for Elementor <= 3.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gradient Heading Widget CWE-79 6.4 Medium2024-06-29
CVE-2024-5041 Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion CWE-79 6.4 Medium2024-05-31
CVE-2024-5347 Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation Widget CWE-79 6.4 Medium2024-05-31
CVE-2024-5088 Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-05-18
CVE-2024-4865 Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id Parameter CWE-79 6.4 Medium2024-05-18
CVE-2024-4391 Happy Addons for Elementor Authenticated (Contributor+) Stored-XSS <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar Widget CWE-79 6.4 Medium2024-05-16
CVE-2024-4478 Happy Addons for Elementor <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group Widget CWE-79 6.4 Medium2024-05-16
CVE-2024-24833 WordPress Happy Addons for Elementor plugin <= 3.10.1 - Broken Access Control on Post Clone vulnerability CWE-862 4.3 Medium2024-05-08
CVE-2024-3891 Happy Addons for Elementor <= 3.10.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags CWE-79 6.4 Medium2024-05-02
CVE-2024-3724 Happy Addons for Elementor <= 3.10.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group, Photo Stack, & Horizontal Timeline CWE-79 6.4 Medium2024-05-02
CVE-2024-3890 Happy Addons for Elementor <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Calendly Widget CWE-79 6.4 Medium2024-04-26
CVE-2024-32698 WordPress Happy Addons for Elementor plugin <= 3.10.4 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2024-04-22
CVE-2024-1498 Happy Addons for Elementor <= 3.10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Photo Stack Widget CWE-79 6.4 Medium2024-04-09
CVE-2024-2787 Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Page Title HTML Tag CWE-79 6.4 Medium2024-04-09
CVE-2024-2789 Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Calendy CWE-79 6.4 Medium2024-04-09
CVE-2024-1387 Happy Addons for Elementor <= 3.10.4 - Incorrect Authorization to Information Exposure CWE-862 4.3 Medium2024-04-09
CVE-2024-2788 Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title HTML Tag CWE-79 6.4 Medium2024-04-09

All 39 known CVE vulnerabilities affecting Happy Addons for Elementor with full Chinese analysis, references, and POCs where available.