Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

add-ons.org — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting add-ons.org. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by add-ons.org:PDF for WPFormsPDF Invoice Builder for WooCommercePDF for Elementor Forms + Drag And Drop Template BuilderDrag and Drop File Upload for Elementor FormsEmail Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMailCost Calculator for ElementorPDF for Contact Form 7PDF for Gravity Forms + Drag And Drop Template BuilderProduct File Upload for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2026-25328 WordPress Product File Upload for WooCommerce plugin <= 2.2.4 - Arbitrary File Deletion vulnerability — Product File Upload for WooCommerceCWE-22 6.8 Medium2026-03-25
CVE-2026-22350 WordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.3.1 - Broken Access Control vulnerability — PDF for Elementor Forms + Drag And Drop Template BuilderCWE-862 6.5 Medium2026-02-20
CVE-2025-68534 WordPress PDF for WPForms plugin <= 6.3.0 - Broken Access Control vulnerability — PDF for WPFormsCWE-862 6.5 Medium2026-02-20
CVE-2025-60084 WordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability — PDF for Elementor Forms + Drag And Drop Template BuilderCWE-502 8.8 High2025-12-18
CVE-2025-60083 WordPress PDF Invoice Builder for WooCommerce plugin <= 6.5.0 - Deserialization of untrusted data vulnerability — PDF Invoice Builder for WooCommerceCWE-502 9.8AICriticalAI2025-12-18
CVE-2025-60080 WordPress PDF for Gravity Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability — PDF for Gravity Forms + Drag And Drop Template BuilderCWE-502 9.8AICriticalAI2025-12-18
CVE-2025-60081 WordPress PDF for Contact Form 7 plugin <= 6.5.0 - Deserialization of untrusted data vulnerability — PDF for Contact Form 7CWE-502 9.8AICriticalAI2025-12-18
CVE-2025-60082 WordPress PDF for WPForms plugin <= 6.5.0 - Deserialization of untrusted data vulnerability — PDF for WPFormsCWE-502 9.8AICriticalAI2025-12-18
CVE-2025-58620 WordPress PDF for WPForms Plugin <= 6.2.1 - Cross Site Scripting (XSS) Vulnerability — PDF for WPFormsCWE-79 6.5 Medium2025-09-03
CVE-2025-49387 WordPress Drag and Drop File Upload for Elementor Forms Plugin <= 1.5.3 - Arbitrary File Upload Vulnerability — Drag and Drop File Upload for Elementor FormsCWE-434 10.0 Critical2025-08-28
CVE-2025-58208 WordPress PDF for Elementor Forms + Drag And Drop Template Builder Plugin <= 6.2.0 - Cross Site Scripting (XSS) Vulnerability — PDF for Elementor Forms + Drag And Drop Template BuilderCWE-79 6.5 Medium2025-08-27
CVE-2025-49289 WordPress PDF for WPForms plugin <= 5.5.0 - Broken Access Control Vulnerability — PDF for WPFormsCWE-862 5.0 Medium2025-06-06
CVE-2025-47492 WordPress Drag and Drop File Upload for Elementor Forms plugin <= 1.4.3 - Arbitrary File Deletion Vulnerability — Drag and Drop File Upload for Elementor FormsCWE-22 8.6 High2025-05-23
CVE-2025-47537 WordPress PDF Invoice Builder for WooCommerce plugin <= 5.3.8 - SQL Injection Vulnerability — PDF Invoice Builder for WooCommerceCWE-89 7.6 High2025-05-07
CVE-2025-47476 WordPress Cost Calculator for Elementor plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability — Cost Calculator for ElementorCWE-79 6.5 Medium2025-05-07
CVE-2025-30767 WordPress PDF for WPForms plugin <= 5.3.0 - Arbitrary Shortcode Execution vulnerability — PDF for WPFormsCWE-862 5.4 Medium2025-03-27
CVE-2025-24755 WordPress PDF Invoice Builder for WooCommerce plugin <= 4.6.0 - Cross Site Scripting (XSS) vulnerability — PDF Invoice Builder for WooCommerceCWE-79 6.5 Medium2025-01-24
CVE-2025-22802 WordPress Email Templates Customizer YeeMail plugin <= 2.1.4 - Cross Site Scripting (XSS) vulnerability — Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMailCWE-79 6.5 Medium2025-01-09

This page lists every published CVE security advisory associated with add-ons.org. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.