Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

roxnor — Vulnerabilities & Security Advisories 74

Browse all 74 CVE security advisories affecting roxnor. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by roxnor:MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorPopup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce TriggersWp Social Login and Register Social CounterMetformWp Ultimate ReviewShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce SolutionEmailKit – Email Customizer for WooCommerce & WPGetGenie – AI Content Writer with Keyword Research & SEO Tracking ToolsElementsKit Elementor addons LiteFundEnginePopupKitFundEngine – Donation and Crowdfunding PlatformEmailKitGetGenie
CVE IDTitleCVSSSeverityPublished
CVE-2025-30914 WordPress Metform Elementor Contact Form Builder plugin <= 3.9.7 - Server Side Request Forgery (SSRF) vulnerability — MetformCWE-918 4.4 Medium2025-03-27
CVE-2025-1506 Wp Social Login and Register Social Counter <= 3.1.0 - Cross-Site Request Forgery to Settings Update — Wp Social Login and Register Social CounterCWE-352 4.3 Medium2025-02-28
CVE-2025-0968 ElementsKit Elementor addons <= 3.4.0 - Unauthenticated Information Exposure via get_megamenu_content Function — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-284 5.3 Medium2025-02-19
CVE-2025-1005 ElementsKit Elementor addons <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2025-02-15
CVE-2023-50903 WordPress Metform Elementor Contact Form Builder plugin <= 3.4.0 - Broken Access Control vulnerability — MetformCWE-862 8.2 -2024-12-09
CVE-2024-37255 WordPress ElementsKit Lite plugin <= 3.1.4 - Unauthenticated Broken Access Control vulnerability — ElementsKit Elementor addons LiteCWE-862 5.3 Medium2024-11-01
CVE-2024-9501 Wp Social Login and Register Social Counter <= 3.0.7 - Authentication Bypass via WordPress.com OAuth provider — Wp Social Login and Register Social CounterCWE-288 9.8 Critical2024-10-26
CVE-2024-10091 ElementsKit Elementor addons <= 3.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-10-26
CVE-2024-8546 ElementsKit Elementor addons <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-09-25
CVE-2023-0714 Metform Elementor Contact Form Builder <= 3.2.4 - Unauthenticated Double-Extension Arbitrary File Upload — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-434 8.1 High2024-08-17
CVE-2024-6698 FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation — FundEngine – Donation and Crowdfunding PlatformCWE-862 8.8 High2024-08-01
CVE-2024-6455 ElementsKit Elementor addons <= 3.2.0 - Unauthenticated Information Exposure via ekit_widgetarea_content Function — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-200 5.3 Medium2024-07-18
CVE-2024-4266 MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 3.8.8 - Unauthenticated Sensitive Information Exposure — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-200 5.3 Medium2024-06-11
CVE-2024-21746 WordPress Wp Ultimate Review plugin <= 2.3.6 - IP limit Bypass vulnerability — Wp Ultimate ReviewCWE-290 8.8 -2024-05-17
CVE-2024-33570 WordPress MetForm plugin <= 3.8.3 - Broken Access Control vulnerability — MetformCWE-862 4.3 Medium2024-05-06
CVE-2024-3499 ElementsKit Elementor addons <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Onepage Scroll Module — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-98 8.8 High2024-05-02
CVE-2024-32505 WordPress ElementsKit Elementor addons plugin <= 3.0.6 - Cross Site Scripting (XSS) vulnerability — ElementsKit Elementor addons LiteCWE-79 6.5 Medium2024-04-17
CVE-2024-2803 ElementsKit Elementor addons <= 3.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-04-04
CVE-2024-2791 Metform Elementor Contact Form Builder <= 3.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widgets — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-79 6.4 Medium2024-04-02
CVE-2024-1238 ElementsKit Elementor addons <= 3.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-03-30
CVE-2024-2047 ElementsKit Elementor addons <= 3.0.6 - Authenticated (Contributor+) Local File Inclusion in render_raw — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-98 8.8 High2024-03-30
CVE-2024-2042 ElementsKit Elementor addons <= 3.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-03-16
CVE-2023-6525 ElementsKit Elementor addons <= 3.0.3 - Authenticated(Editor+) Stored Cross-Site Scripting — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 5.5 Medium2024-03-16
CVE-2024-1239 ElementsKit Elementor addons <= 3.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-03-16
CVE-2024-1763 Wp Social Login and Register Social Counter <= 3.0.0 - Missing Authorization to Unauthenticated Social Login/Share Status Update — Wp Social Login and Register Social CounterCWE-862 6.5 Medium2024-03-13
CVE-2024-1585 Metform Elementor Contact Form Builder <= 3.8.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-79 6.4 Medium2024-03-13
CVE-2023-6582 ElementsKit Lite <= 3.0.3 - Unauthenticated Sensitive Information Exposure — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-284 5.3 Medium2024-01-11
CVE-2023-6788 Metform Elementor Contact Form Builder <= 3.8.1 - Cross-Site Request Forgery — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-352 5.4 Medium2024-01-09
CVE-2023-0689 Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via 'mf_first_name' shortcode — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-639 4.3 Medium2023-08-31
CVE-2023-2517 Metform Elementor Contact Form Builder <= 3.3.2 - Cross-Site Request Forgery via permalink_setup — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-352 5.4 Medium2023-07-12

This page lists every published CVE security advisory associated with roxnor. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.