Athemes Addons For Elementor

athemes_addons_for_elementor

Vendor: Athemes • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-32158 1Athemes 1Athemes Addons For Elementor Apr 23, 2026 Apr 10, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite.This issue affects aThem...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite.This issue affects aThemes Addons for Elementor: from n/a through <= 1.1.3.Show less
CVE-2025-22646 1Athemes 1Athemes Addons For Elementor Apr 23, 2026 Mar 27, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows Stored XSS.This issue affects aTheme...Show more Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through <= 1.0.8.Show less
CVE-2024-13547 1Athemes 1Athemes Addons For Elementor Feb 24, 2025 Feb 1, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Accordion widget in all versions up to, and including, 1.0.12 due to insufficient input sanitization and ou...Show more The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Accordion widget in all versions up to, and including, 1.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2024-51675 1Athemes 1Athemes Addons For Elementor Apr 23, 2026 Nov 9, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows DOM-Based XSS.This issue affects aTh...Show more Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows DOM-Based XSS.This issue affects aThemes Addons for Elementor: from n/a through <= 1.0.7.Show less