Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

unitecms — Vulnerabilities & Security Advisories 26

Browse all 26 CVE security advisories affecting unitecms. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products unitecms:Unlimited Elements For ElementorUnlimited Addons for WPBakery Page BuilderAddon LibraryBlox Page BuilderUnlimited Elements for Elementor (Premium)Doubly – Cross Domain Copy Paste for WordPress
CVE IDTitleCVSSSeverityPaused
CVE-2026-4659 Unlimited Elements For Elementor <= 2.0.6 - Authenticated (Contributor+) Arbitrary File Read via Path Traversal in Repeater JSON/CSV URL with Path Traversal — Unlimited Elements For ElementorCWE-22 7.5 High2026-04-17
CVE-2026-2724 Unlimited Elements For Elementor <= 2.0.5 - Unauthenticated Stored Cross-Site Scripting via Form Entry Fields — Unlimited Elements For ElementorCWE-79 7.2 High2026-03-10
CVE-2025-14274 Unlimited Elements for Elementor <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget — Unlimited Elements For ElementorCWE-79 5.4 Medium2026-02-03
CVE-2025-14476 Doubly <= 1.0.46 - Authenticated (Subscriber+) PHP Object Injection via ZIP File Import — Doubly – Cross Domain Copy Paste for WordPressCWE-502 8.8 High2025-12-13
CVE-2025-13692 Unlimited Elements For Elementor and Unlimited Elements For Elementor (Premium) <= 2.0 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload — Unlimited Elements for Elementor (Premium)CWE-79 7.2 High2025-11-27
CVE-2025-8603 Unlimited Elements For Elementor <= 1.5.148 - Authenticated (Contributor+) Stored Cross-Site Scripting — Unlimited Elements For ElementorCWE-79 6.4 Medium2025-08-28
CVE-2025-1663 Unlimited Elements For Elementor <= 1.5.142 - Authenticated (Contributor+) Stored Cross-Site Scripting — Unlimited Elements For ElementorCWE-79 6.4 Medium2025-04-03
CVE-2024-13155 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.140 - Authenticated (Contributor+) Stored Cross-Site Scripting via Transparent Split Hero Widget — Unlimited Elements For ElementorCWE-79 6.4 Medium2025-02-20
CVE-2024-13153 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.135 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Unlimited Elements For ElementorCWE-79 6.4 Medium2025-01-09
CVE-2024-10784 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.126 - Authenticated (Contributor+) Stored Cross-Site Scripting — Unlimited Elements For ElementorCWE-79 6.4 Medium2024-12-12
CVE-2024-6315 Blox Page Builder <= 1.0.65 - Authenticated (Contributor+) Arbitrary File Upload — Blox Page BuilderCWE-434 8.8 High2024-08-06
CVE-2024-6170 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'email' — Unlimited Elements For ElementorCWE-79 6.4 Medium2024-07-09
CVE-2024-6169 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'username' — Unlimited Elements For ElementorCWE-79 6.4 Medium2024-07-09
CVE-2024-6166 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Time-Based SQL Injection — Unlimited Elements For ElementorCWE-89 8.8 High2024-07-09
CVE-2024-6171 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - IP Address Spoofing to Antispam Bypass — Unlimited Elements For ElementorCWE-348 5.3 Medium2024-07-09
CVE-2024-5329 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.109 - Authenticated (Contributor+) Blind SQL Injection via data[addonID] Parameter — Unlimited Elements For ElementorCWE-89 8.8 High2024-06-06
CVE-2024-3190 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.107 - Authenticated (Contributor+) Stored Cross-Site Scripting via Text Field — Unlimited Elements For ElementorCWE-79 5.4 Medium2024-05-30
CVE-2023-6743 Unlimited Elements for Elementor <= 1.5.89 - Authenticated(Contributor+) Remote Code Execution via template import — Unlimited Elements For ElementorCWE-1336 8.8 High2024-05-29
CVE-2024-4779 Unlimited Elements for Elementor <= 1.5.107 - Authenticated (Contributor+) SQL Injection via data[post_ids][0] — Unlimited Elements For ElementorCWE-89 8.8 High2024-05-23
CVE-2024-3055 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Contributor+) SQL Injection — Unlimited Elements For ElementorCWE-89 8.8 High2024-05-10
CVE-2024-3547 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Reflected Cross-Site Scripting — Unlimited Elements For ElementorCWE-79 6.1 Medium2024-05-10
CVE-2024-2662 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Admin+) Command Injection — Unlimited Elements For ElementorCWE-78 7.2 High2024-05-10
CVE-2024-0367 Unlimited Elements For Elementor <= 1.5.96 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Link — Unlimited Elements For ElementorCWE-79 6.4 Medium2024-03-30
CVE-2024-1710 Addon Library <= 1.3.76 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload — Addon LibraryCWE-862 8.8 High2024-02-24
CVE-2023-6925 Unlimited Addons for WPBakery Page Builder <= 1.0.42 - Authenticated (Editor+) Arbitrary File Upload — Unlimited Addons for WPBakery Page BuilderCWE-434 7.2 High2024-02-05
CVE-2023-3295 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.66 - Authenticated (Contributor+) Arbitrary File Upload — Unlimited Elements For ElementorCWE-434 8.8 High2023-06-17

This page lists every published CVE security advisory associated with unitecms. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.