Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

BDThemes — Vulnerabilities & Security Advisories 81

Browse all 81 CVE security advisories affecting BDThemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by BDThemes:Element Pack – Widgets, Templates & Addons for ElementorPrime Slider – Addons for ElementorUltimate Store Kit Elementor AddonsElement Pack Elementor AddonsZoloBlocksElement Pack ProUltimate Store Kit – Addon For WooCommerce, EDD and ElementorZoloBlocks – Gutenberg Block Editor Plugin with Advanced Blocks, Dynamic Content, Templates & PatternsUltimate Post Kit Addons for ElementorElement Pack Pro - Addon for Elementor Page Builder WordPress PluginInstant Image GeneratorElement Pack Elementor Addons and TemplatesPixel Gallery Addons for Elementor – Easy Grid, Creative Gallery, Drag and Drop Grid, Custom Grid Layout, Portfolio GallerySpin Wheel – Interactive spinning wheel that offers couponsUltimate Post Kit
CVE IDTitleCVSSSeverityPublished
CVE-2024-3927 Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.6.3 - Form Submission Admin Email Bypass — Element Pack – Widgets, Templates & Addons for ElementorCWE-424 5.3 Medium2024-05-22
CVE-2024-4339 Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) <= 3.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Prime Slider – Addons for ElementorCWE-79 6.4 Medium2024-05-09
CVE-2024-4606 WordPress Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder plugin <= 2.0.3 - PHP Object Injection vulnerability — Ultimate Store Kit Elementor AddonsCWE-502 5.4 Medium2024-05-09
CVE-2024-32681 WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability — Prime Slider – Addons For ElementorCWE-862 4.3 Medium2024-04-22
CVE-2024-32682 WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability — Prime Slider – Addons For ElementorCWE-862 7.1 High2024-04-22
CVE-2024-1730 Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider) <= 3.14.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Prime Slider – Addons for ElementorCWE-79 5.4 Medium2024-04-20
CVE-2024-32572 WordPress Element Pack Elementor Addons plugin <= 5.6.0 - Cross Site Scripting (XSS) vulnerability — Element Pack Elementor AddonsCWE-79 6.5 Medium2024-04-18
CVE-2024-1426 Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price List Widget — Element Pack – Widgets, Templates & Addons for ElementorCWE-79 6.4 Medium2024-04-18
CVE-2024-1429 Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Panel Slider Widget — Element Pack – Widgets, Templates & Addons for ElementorCWE-79 6.4 Medium2024-04-18
CVE-2024-2966 Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.5.6 - Sensitive Information Exposure via element_pack_ajax_search — Element Pack – Widgets, Templates & Addons for ElementorCWE-200 5.3 Medium2024-04-11
CVE-2024-31357 WordPress Ultimate Store Kit Elementor Addons plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability — Ultimate Store Kit Elementor AddonsCWE-79 6.5 Medium2024-04-08
CVE-2024-0837 Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Custom Gallery' Widget — Element Pack – Widgets, Templates & Addons for ElementorCWE-79 6.4 Medium2024-04-06
CVE-2024-1428 Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Trailer Box Widget — Element Pack – Widgets, Templates & Addons for ElementorCWE-79 6.4 Medium2024-04-06
CVE-2024-30496 WordPress Element Pack Lite plugin <= 5.5.3 - SQL Injection vulnerability — Element Pack Elementor AddonsCWE-89 8.5 High2024-03-29
CVE-2024-30186 WordPress Prime Slider plugin <= 3.13.1 - Cross Site Scripting (XSS) vulnerability — Prime Slider – Addons For ElementorCWE-79 6.5 Medium2024-03-27
CVE-2024-30185 WordPress Element Pack Elementor Addons plugin <= 5.5.3 - Cross Site Scripting (XSS) vulnerability — Element Pack Elementor AddonsCWE-79 6.5 Medium2024-03-27
CVE-2024-24840 WordPress Element Pack Elementor Addons plugin <= 5.4.11 - Broken Access Control on Duplicate Post vulnerability — Element Pack Elementor AddonsCWE-862 4.3 Medium2024-03-23
CVE-2024-24883 WordPress Prime Slider plugin <= 3.11.10 - Broken Access Control on Duplicate Post vulnerability — Prime Slider – Addons For ElementorCWE-862 4.3 Medium2024-03-21
CVE-2024-1507 Prime Slider – Addons For Elementor <= 3.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rubix Widget — Prime Slider – Addons for ElementorCWE-79 6.4 Medium2024-03-13
CVE-2024-1508 Prime Slider – Addons For Elementor <= 3.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Mercury Widget — Prime Slider – Addons for ElementorCWE-79 6.4 Medium2024-03-13
CVE-2024-1506 Prime Slider – Addons For Elementor <= 3.13.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fiestar Widget — Prime Slider – Addons for ElementorCWE-79 6.4 Medium2024-03-07

This page lists every published CVE security advisory associated with BDThemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.