CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22312 – WordPress Thim Elementor Kit plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2025-22312
06 Jan 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Thim Elementor Kit allows DOM-Based XSS.This issue affects Thim Elementor Kit: from n/a through 1.2.8. Vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en ThimPress Thim Elementor Kit permite XSS basado en DOM. Este problema afecta a Thim Elementor Kit: desde n/a hasta 1.2.8. The Thim Elementor Kit plugin for WordPress is vulne... • https://patchstack.com/database/wordpress/plugin/thim-elementor-kit/vulnerability/wordpress-thim-elementor-kit-plugin-1-2-8-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22316 – WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2025-22316
06 Jan 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.5.1. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en WPBits WPBITS Addons For Elementor Page Builder permite XSS almacenado. Este problema afecta a WPBITS Addons For Elementor Page Build... • https://patchstack.com/database/wordpress/plugin/wpbits-addons-for-elementor/vulnerability/wordpress-wpbits-addons-for-elementor-page-builder-plugin-1-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56285 – WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.5.1 - Cross-Site Scripting vulnerability
https://notcve.org/view.php?id=CVE-2024-56285
03 Jan 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.5.1. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en WPBits WPBITS Addons For Elementor Page Builder permite XSS almacenado. Este problema afecta a WPBITS Addons For Elementor Page Build... • https://patchstack.com/database/wordpress/plugin/wpbits-addons-for-elementor/vulnerability/wordpress-wpbits-addons-for-elementor-page-builder-plugin-1-5-1-cross-site-scripting-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56282 – WordPress WPMozo Addons Lite for Elementor plugin <= 1.1.0 - Local File Inclusion vulnerability
https://notcve.org/view.php?id=CVE-2024-56282
03 Jan 2025 — Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elicus WPMozo Addons Lite for Elementor allows PHP Local File Inclusion.This issue affects WPMozo Addons Lite for Elementor: from n/a through 1.1.0. La vulnerabilidad de control inadecuado del nombre de archivo para la declaración Include/Require en el programa PHP ('Inclusión de archivos remotos PHP') en Elicus WPMozo Addons Lite para Elementor permite la inclusión de archivos locales PH... • https://patchstack.com/database/wordpress/plugin/wpmozo-addons-lite-for-elementor/vulnerability/wordpress-wpmozo-addons-lite-for-elementor-plugin-1-1-0-local-file-inclusion-vulnerability?_s_id=cve • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22321 – WordPress ElementsCSS Addons for Elementor plugin <= 1.0.8.7 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2025-22321
03 Jan 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TheInnovs ElementsCSS Addons for Elementor allows Stored XSS.This issue affects ElementsCSS Addons for Elementor: from n/a through 1.0.8.7. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en TheInnovs ElementsCSS Addons para Elementor permite XSS almacenado. Este problema afecta a ElementsCSS Addons para Elementor: desde n/a hasta 1.... • https://patchstack.com/database/wordpress/plugin/css-for-elementor/vulnerability/wordpress-elementscss-addons-for-elementor-plugin-1-0-8-7-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22323 – WordPress Image Hover Effects for Elementor plugin <= 1.0.2.3 - Stored Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2025-22323
03 Jan 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jewel Theme Image Hover Effects for Elementor allows Stored XSS.This issue affects Image Hover Effects for Elementor: from n/a through 1.0.2.3. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en Jewel Theme Image Hover Effects para Elementor permite XSS almacenado. Este problema afecta a los efectos de desplazamiento de imágenes para... • https://patchstack.com/database/wordpress/plugin/image-hover-effects-elementor-addon/vulnerability/wordpress-image-hover-effects-for-elementor-plugin-1-0-2-3-stored-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22333 – WordPress Piotnet Addons For Elementor plugin <= 2.4.31 - Cross-Site Scripting vulnerability
https://notcve.org/view.php?id=CVE-2025-22333
03 Jan 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through 2.4.31. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en Piotnet Piotnet Addons For Elementor permite XSS almacenado. Este problema afecta a Piotnet Addons For Elementor: desde n/a hasta 2.4.31. The Piotnet Addon... • https://patchstack.com/database/wordpress/plugin/piotnet-addons-for-elementor/vulnerability/wordpress-piotnet-addons-for-elementor-plugin-2-4-31-cross-site-scripting-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56241 – WordPress WPKoi Templates for Elementor plugin <= 3.1.3 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-56241
30 Dec 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPKoi WPKoi Templates for Elementor allows Stored XSS.This issue affects WPKoi Templates for Elementor: from n/a through 3.1.3. The WPKoi Templates for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access ... • https://patchstack.com/database/wordpress/plugin/wpkoi-templates-for-elementor/vulnerability/wordpress-wpkoi-templates-for-elementor-plugin-3-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56268 – WordPress Post Grid Elementor Addon plugin <= 2.0.18 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-56268
30 Dec 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Hait Post Grid Elementor Addon allows Stored XSS.This issue affects Post Grid Elementor Addon: from n/a through 2.0.18. The Post Grid Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and abov... • https://patchstack.com/database/wordpress/plugin/post-grid-elementor-addon/vulnerability/wordpress-post-grid-elementor-addon-plugin-2-0-18-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56221 – WordPress WPMozo Addons Lite for Elementor plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-56221
19 Dec 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elicus WPMozo Addons Lite for Elementor allows Stored XSS.This issue affects WPMozo Addons Lite for Elementor: from n/a through 1.2.0. The WPMozo Addons Lite for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev... • https://patchstack.com/database/wordpress/plugin/wpmozo-addons-lite-for-elementor/vulnerability/wordpress-wpmozo-addons-lite-for-elementor-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •