Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wpdevteam — Vulnerabilities & Security Advisories 90

Browse all 90 CVE security advisories affecting wpdevteam. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by wpdevteam:Essential Addons for Elementor – Popular Elementor Templates & WidgetsGutenberg Essential Blocks – Page Builder for Gutenberg Blocks & PatternsEmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreNotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification BarBetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block EditorEssential Blocks ProSchedulePress – Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post PublisherTemplately – Elementor & Gutenberg Template Library: 6500+ Free & Pro Ready Templates And Cloud!
CVE IDTitleCVSSSeverityPublished
CVE-2024-1854 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & PatternsCWE-20 6.4 Medium2024-03-13
CVE-2024-1537 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Data Table — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-03-13
CVE-2024-1536 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 7.4 High2024-03-13
CVE-2024-1802 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Wistia Block — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-03-07
CVE-2024-2128 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-03-07
CVE-2024-1698 NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor <= 2.8.2 - Unauthenticated SQL Injection — NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification BarCWE-89 9.8 Critical2024-02-27
CVE-2024-1171 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 5.4 Medium2024-02-20
CVE-2024-1172 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 5.4 Medium2024-02-20
CVE-2024-1276 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-02-20
CVE-2024-1349 EmbedPress <= 3.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-02-20
CVE-2024-1425 EmbedPress <= 3.9.8 - Authenticated(Contributor+) Stored Cross-Site Scripting via Google Calendar Widget Link — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-02-20
CVE-2024-1236 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-02-20
CVE-2024-0586 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.4 - Authenticated (Contributor+) Stored Cross-Site Scritping — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-02-05
CVE-2024-0954 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-02-05
CVE-2024-0585 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image URl — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 5.4 Medium2024-02-05
CVE-2023-7071 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & PatternsCWE-79 6.4 Medium2024-01-11
CVE-2023-7044 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-01-04
CVE-2023-6986 EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor <= 3.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-01-03
CVE-2023-4386 Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via queries — Essential Blocks ProCWE-502 8.1 High2023-10-20
CVE-2023-4402 Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via products — Essential Blocks ProCWE-502 8.1 High2023-10-20
CVE-2023-4282 EmbedPress <= 3.8.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Delete via admin_post_remove and remove_private_data — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-862 5.4 Medium2023-08-10
CVE-2023-4283 EmbedPress <= 3.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2023-08-10
CVE-2023-3779 Essential Addons For Elementor <=5.8.1 - Unauthenticated MailChimp API Key Disclosure — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-200 5.3 Medium2023-07-20
CVE-2020-36744 NotificationX <= 1.8.2 - Cross-Site Request Forgery Bypass — NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification BarCWE-352 4.3 Medium2023-07-01
CVE-2023-3371 EmbedPress <= 3.7.3 - Sensitive Information Exposure — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-321 5.3 Medium2023-06-27
CVE-2023-2083 Essential Blocks <= 4.0.6 - Missing Authorization via save — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & PatternsCWE-862 4.3 Medium2023-06-09
CVE-2023-2087 Essential Blocks <= 4.0.6 - Cross-Site Request Forgery via save — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & PatternsCWE-352 4.3 Medium2023-06-09
CVE-2023-2085 Essential Blocks <= 4.0.6 - Missing Authorization via templates — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & PatternsCWE-862 4.3 Medium2023-06-09
CVE-2023-2086 Essential Blocks <= 4.0.6 - Missing Authorization via template_count — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & PatternsCWE-862 4.3 Medium2023-06-09
CVE-2023-2084 Essential Blocks <= 4.0.6 - Missing Authorization via get — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & PatternsCWE-862 4.3 Medium2023-06-09

This page lists every published CVE security advisory associated with wpdevteam. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.