Skip to main content

Addons For Elementor

17 CVEs product

Monthly

CVE-2024-8858 MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechart_settings’ parameter in all versions up to, and including, 8.5 due to insufficient. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor Elementor
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2024-3639 MEDIUM This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Posts Grid widget in all versions up to, and including, 8.3.7 due to insufficient. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Addons For Elementor Elementor
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-3638 MEDIUM This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Marquee Text Widget, Testimonials Widget, and Testimonial Slider widgets in all. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Addons For Elementor Elementor
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-2926 MEDIUM This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 8.3.7 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Addons For Elementor Elementor
NVD
CVSS 3.1
6.4
EPSS
0.5%
CVE-2024-2385 HIGH This Week

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.4 via several of the plugin's widgets through the 'style'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure Path Traversal RCE WordPress +2
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-2655 MEDIUM This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post widgets in all versions up to, and including, 8.3.5 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Addons For Elementor Elementor
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2024-2539 MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget '_id' attributes in all versions up to, and including, 8.3.6 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor Elementor
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-1466 MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slider_style’ attribute of the Posts Multislider widget in all versions up to, and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor Elementor
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-1465 MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘carousel_skin’ attribute of the Posts Carousel widget in all versions up to, and including,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor Elementor
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-1464 MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Posts Slider widget in all versions up to, and including, 8.3.4 due. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor Elementor
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-1461 MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Team Members widget in all versions up to, and including, 8.3.4 due. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor Elementor
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-1458 MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘text_alignment’ attribute of the Animated Text widget in all versions up to, and including,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor Elementor
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-25598 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Addons For Elementor Elementor
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-27986 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Elementor Addons by Livemesh allows Stored XSS.3.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Addons For Elementor Elementor
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-1235 MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom class field in all versions up to, and including, 8.3.2 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor Elementor
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2022-3862 MEDIUM POC This Month

The Livemesh Addons for Elementor WordPress plugin before 7.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Addons For Elementor
NVD WPScan
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-24260 MEDIUM POC This Month

The “Livemesh Addons for Elementor” WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Addons For Elementor
NVD WPScan
CVSS 3.1
5.4
EPSS
0.7%
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechart_settings’ parameter in all versions up to, and including, 8.5 due to insufficient. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Posts Grid widget in all versions up to, and including, 8.3.7 due to insufficient. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Addons For Elementor +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Marquee Text Widget, Testimonials Widget, and Testimonial Slider widgets in all. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Addons For Elementor +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 8.3.7 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Addons For Elementor +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.4 via several of the plugin's widgets through the 'style'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure Path Traversal +4
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post widgets in all versions up to, and including, 8.3.5 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Addons For Elementor +1
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget '_id' attributes in all versions up to, and including, 8.3.6 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor +1
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slider_style’ attribute of the Posts Multislider widget in all versions up to, and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor +1
NVD VulDB
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘carousel_skin’ attribute of the Posts Carousel widget in all versions up to, and including,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor +1
NVD VulDB
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Posts Slider widget in all versions up to, and including, 8.3.4 due. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor +1
NVD VulDB
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Team Members widget in all versions up to, and including, 8.3.4 due. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor +1
NVD VulDB
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘text_alignment’ attribute of the Animated Text widget in all versions up to, and including,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Addons For Elementor Elementor
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Elementor Addons by Livemesh allows Stored XSS.3.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Addons For Elementor Elementor
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom class field in all versions up to, and including, 8.3.2 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Addons For Elementor +1
NVD
EPSS 0% CVSS 4.8
MEDIUM POC This Month

The Livemesh Addons for Elementor WordPress plugin before 7.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Addons For Elementor
NVD WPScan
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The “Livemesh Addons for Elementor” WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Addons For Elementor
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy