Browse all 2 CVE security advisories affecting elespare. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-4615 | Elespare – Blog, Magazine and Newspaper Addons for Elementor with Templates, Widgets, Kits, and Header/Footer Builder. One Click Import: No Coding Required! <= 3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Horizontal Nav Menu Widget — EleSpare – News, Magazine and Blog Addons for ElementorCWE-79 | 6.4 | Medium | 2024-06-13 |
| CVE-2024-0900 | Elespare – Build Your Blog, News & Magazine Websites with Expert-Designed Template Kits. One Click Import: No Coding Skills Required! <= 2.1.2 - Missing Authorization to Subscriber+ Arbitrary Post Creation — EleSpare – News, Magazine and Blog Addons for ElementorCWE-862 | 4.3 | Medium | 2024-04-23 |
This page lists every published CVE security advisory associated with elespare. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.