← Back

Posimyth

posimyth

42 CVEs • 5 products

Products (5)

Click to collapse
Toggle
The Plus Addons For Elementor
the_plus_addons_for_elementor
37 CVEs
Nexter Extension
nexter_extension
2 CVEs
The Plus Addons For Elementor Page Builder Lite
the_plus_addons_for_elementor_page_builder_lite
1 CVE
Nexter
nexter
1 CVE
Nexter Blocks
nexter_blocks
1 CVE

CVEs (42)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-24266
1Posimyth
1The Plus Addons For Elementor Page Builder Lite
Nov 21, 2024
May 5, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
The “The Plus Addons for Elementor Page Builder Lite” WordPress Plugin before 2.0.6 has four widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a simi...Show more
The “The Plus Addons for Elementor Page Builder Lite” WordPress Plugin before 2.0.6 has four widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.Show less
CVE-2021-24175
1Posimyth
1The Plus Addons For Elementor
Nov 21, 2024
Apr 5, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited to by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user (including admin...Show more
The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited to by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user (including admin) by just providing the related username, as well as create accounts with arbitrary roles, such as admin. These issues can be exploited even if registration is disabled, and the Login widget is not active.Show less