Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPVibes — Vulnerabilities & Security Advisories 34

Browse all 34 CVE security advisories affecting WPVibes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by WPVibes:Addon Elements for Elementor (formerly Elementor Addon Elements)Elementor Addon ElementsWP Mail LogForm Vibes – Database Manager for FormsRedirect 404 Error Page to Homepage or Custom Page with LogsDynific Addons for Elementor (formerly AnyWhere Elementor)AnyWhere Elementor Pro
CVE IDTitleCVSSSeverityPublished
CVE-2026-28131 WordPress Elementor Addon Elements plugin <= 1.14.4 - Sensitive Data Exposure vulnerability — Elementor Addon ElementsCWE-201 6.5AIMediumAI2026-02-26
CVE-2025-13409 Form Vibes – Database Manager for Forms <= 1.4.13 - Authenticated (Admin+) SQL Injection — Form Vibes – Database Manager for FormsCWE-89 4.9 Medium2026-01-06
CVE-2025-31046 WordPress AnyWhere Elementor Pro plugin <= 2.29 - Broken Access Control Vulnerability — AnyWhere Elementor ProCWE-862 4.3 Medium2026-01-05
CVE-2025-12537 Addon Elements for Elementor <= 1.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2025-12-14
CVE-2024-13215 Elementor Addon Elements <= 1.13.10 - Authenticated (Contributor+) Sensitive Information Exposure via Modal Popup — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-359 4.3 Medium2025-01-15
CVE-2024-10777 AnyWhere Elementor <= 1.2.11 - Authenticated (Contributor+) Post Disclosure — Dynific Addons for Elementor (formerly AnyWhere Elementor)CWE-639 4.3 Medium2024-12-05
CVE-2024-47361 WordPress Elementor Addon Elements plugin <= 1.13.6 - Broken Access Control vulnerability — Elementor Addon ElementsCWE-862 6.5 Medium2024-11-01
CVE-2024-8902 Elementor Addon Elements <= 1.13.8 - Authenticated (Contributor+) Sensitive Information Exposure via table_saved_sections — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-200 4.3 Medium2024-10-12
CVE-2024-47366 WordPress Elementor Addon Elements plugin <= 1.13.6 - Cross Site Scripting (XSS) vulnerability — Elementor Addon ElementsCWE-79 6.5 Medium2024-10-06
CVE-2024-5309 Form Vibes – Database Manager for Forms <= 1.4.12 - Missing Authorization in Multiple Functions — Form Vibes – Database Manager for FormsCWE-862 5.4 Medium2024-09-05
CVE-2024-7122 Elementor Addon Elements <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-08-30
CVE-2024-4401 Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id and eae_slider_animation Parameters — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-08-30
CVE-2024-5325 Form Vibes <= 1.4.10 - Authenticated (Subscriber+) SQL Injection via fv_export_data — Form Vibes – Database Manager for FormsCWE-89 8.8 High2024-07-12
CVE-2024-4570 Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-06-27
CVE-2024-4569 Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-06-27
CVE-2024-2092 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 5.4 Medium2024-06-12
CVE-2024-3743 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-05-02
CVE-2024-2792 Elementor Addon Elements <= 1.13.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'Text Separator' and 'Image Compare' Widget — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-04-09
CVE-2024-30422 WordPress Elementor Addon Elements plugin <= 1.13.1 - Cross Site Scripting (XSS) vulnerability — Elementor Addon ElementsCWE-79 6.5 Medium2024-03-28
CVE-2024-2091 Elementor Addon Elements <= 1.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 5.4 Medium2024-03-28
CVE-2024-29107 WordPress Elementor Addon Elements plugin <= 1.12.10 - Cross Site Scripting (XSS) vulnerability — Elementor Addon ElementsCWE-79 6.5 Medium2024-03-19
CVE-2024-1393 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Switcher Widget — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-03-13
CVE-2024-1391 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Thumbnail Slider Widget — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-03-13
CVE-2024-1422 Elementor Addon Elements <= 1.12.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Modal Popup effet — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-03-13
CVE-2024-1392 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Dual Button Widget — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-03-13
CVE-2024-1358 Elementor Addon Elements <= 1.12.12 - Directory Traversal to Local File Inclusion — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-22 8.8 High2024-03-13
CVE-2023-51410 WordPress WP Mail Log Plugin <= 1.1.2 is vulnerable to Arbitrary File Upload — WP Mail LogCWE-434 9.9 Critical2023-12-29
CVE-2023-47530 WordPress Redirect 404 Error Page to Homepage or Custom Page with Logs Plugin <= 1.8.7 is vulnerable to SQL Injection — Redirect 404 Error Page to Homepage or Custom Page with LogsCWE-89 7.6 High2023-12-18
CVE-2023-5381 Elementor Addon Elements <= 1.12.7 - Authenticated (Administrator+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 4.4 Medium2023-11-15
CVE-2023-4690 Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-352 5.4 Medium2023-11-15

This page lists every published CVE security advisory associated with WPVibes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.