NicheAddons — Vulnerabilities & Security Advisories 24

Browse all 24 CVE security advisories affecting NicheAddons. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by NicheAddons:Events Addon for Elementor Primary Addon for Elementor Restaurant & Cafe Addon for Elementor Medical Addon for Elementor Charity Addon for Elementor Sales Page Addon – Elementor & Beaver Builder Education Addon for Elementor

CVE ID	Title	CVSS	Severity	Published
CVE-2025-8150	Events Addon for Elementor <= 2.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typewriter and Countdown Widgets — Events Addon for ElementorCWE-79	6.4	Medium	2025-08-29
CVE-2025-8212	Medical Addon for Elementor <= 1.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typewriter Widget — Medical Addon for ElementorCWE-79	6.4	Medium	2025-08-02
CVE-2024-13854	Education Addon for Elementor <= 1.3.1 - Authenticated (Contributor+) Insecure Direct Object Reference via naedu_elementor_template Shortcode — Education Addon for ElementorCWE-284	4.3	Medium	2025-02-19
CVE-2024-12046	Medical Addon for Elementor <= 1.6.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via Shortcode — Medical Addon for ElementorCWE-639	4.3	Medium	2025-02-04
CVE-2024-12061	Events Addon for Elementor <= 2.2.3 - Authenticated (Contributor+) Post Disclosure — Events Addon for ElementorCWE-639	4.3	Medium	2024-12-18
CVE-2024-54316	WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability — Restaurant & Cafe Addon for ElementorCWE-79	6.5	Medium	2024-12-13
CVE-2024-54314	WordPress Primary Addon for Elementor plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability — Primary Addon for ElementorCWE-79	6.5	Medium	2024-12-13
CVE-2024-54315	WordPress Events Addon for Elementor plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability — Events Addon for ElementorCWE-79	6.5	Medium	2024-12-13
CVE-2023-47826	WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability — Restaurant & Cafe Addon for ElementorCWE-862	6.5	Medium	2024-12-09
CVE-2024-12062	Charity Addon for Elementor <= 1.3.3 - Authenticated (Contributor+) Post Disclosure — Charity Addon for ElementorCWE-639	4.3	Medium	2024-12-03
CVE-2024-10780	Restaurant & Cafe Addon for Elementor <= 1.5.9 - Authenticated (Contributor+) Post Disclosure — Restaurant & Cafe Addon for ElementorCWE-639	4.3	Medium	2024-11-28
CVE-2024-10670	Primary Addon for Elementor <= 1.6.2 - Authenticated (Contributor+) Post Disclosure — Primary Addon for ElementorCWE-639	4.3	Medium	2024-11-28
CVE-2024-51938	WordPress Charity Addon for Elementor plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability — Charity Addon for ElementorCWE-79	6.5	Medium	2024-11-19
CVE-2024-51581	WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.6 - Cross Site Scripting (XSS) vulnerability — Restaurant & Cafe Addon for ElementorCWE-79	6.5	Medium	2024-11-10
CVE-2024-51585	WordPress Sales Page Addon plugin <= 1.4.5 - Stored Cross Site Scripting (XSS) vulnerability — Sales Page Addon – Elementor & Beaver BuilderCWE-79	6.5	Medium	2024-11-09
CVE-2024-49259	WordPress Primary Addon for Elementor plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability — Primary Addon for ElementorCWE-79	6.5	Medium	2024-10-17
CVE-2024-49264	WordPress Events Addon for Elementor plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability — Events Addon for ElementorCWE-79	6.5	Medium	2024-10-17
CVE-2024-44024	WordPress Medical Addon for Elementor plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability — Medical Addon for ElementorCWE-79	6.5	Medium	2024-10-06
CVE-2024-44026	WordPress Charity Addon for Elementor plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability — Charity Addon for ElementorCWE-79	6.5	Medium	2024-10-06
CVE-2024-44032	WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.5 - Cross Site Scripting (XSS) vulnerability — Restaurant & Cafe Addon for ElementorCWE-79	6.5	Medium	2024-10-06
CVE-2024-44033	WordPress Primary Addon for Elementor plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability — Primary Addon for ElementorCWE-79	6.5	Medium	2024-10-06
CVE-2024-4669	Events Addon for Elementor <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Events Addon for ElementorCWE-79	6.4	Medium	2024-06-11
CVE-2024-5229	Primary Addon for Elementor <= 1.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pricing Table Widget — Primary Addon for ElementorCWE-79	6.4	Medium	2024-05-25
CVE-2023-47827	WordPress Events Addon for Elementor Plugin <= 2.1.3 is vulnerable to Broken Access Control — Events Addon for ElementorCWE-863	6.5	Medium	2023-11-30

This page lists every published CVE security advisory associated with NicheAddons. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

NicheAddons — Vulnerabilities & Security Advisories 24