Wpmet
wpmet
67 CVEs • 9 products
Products (9)
Click to collapseToggle
Products (9)
Click to collapse
CVEs (67)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Wpmet 1Elementskit Elementor Addons Jul 28, 2025 Jul 24, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The ElementsKit Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attribute of a custom widget in all versions up to, and including, 3.5.2 due to insufficient in...Show more |
1Wpmet 1Elementskit Elementor Addons Jul 10, 2025 Jun 19, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The ElementsKit Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin image comparison widget's before/after labels in all versions up to, and including, 3.5.2 du...Show more |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ataur R GutenKit gutenkit-blocks-addon allows Stored XSS.This issue affects GutenKit: from n/a through <= 2.2.2. |
1Wpmet 1Elementskit Elementor Addons Jul 29, 2025 Mar 29, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer Widget ekit_countdown_timer_title parameter in all versions up to, and including, 3.4.7 due to in...Show more |
1Wpmet 1Wp Social Login And Register Social Counter Aug 1, 2025 Feb 28, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0. This is due to missing or incorrect nonce validation on the co...Show more |
1Wpmet 1Elementskit Elementor Addons Feb 25, 2025 Feb 19, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.0 due to a missing capability checks on the get_megamenu_content() function...Show more |
1Wpmet 1Elementskit Elementor Addons Feb 24, 2025 Feb 15, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Accordion widget in all versions up to, and including, 3.4.0 due to insufficient input sanitizatio...Show more |
The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.7.8 due to insufficient input sanitization and output escapi...Show more |
1Wpmet 1Metform Elementor Contact Form Builder Apr 29, 2026 Dec 9, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Missing Authorization vulnerability in Roxnor Metform metform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Metform: from n/a through <= 3.4.0. |
1Wpmet 1Elements Kit Elementor Addons Apr 23, 2026 Nov 1, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Missing Authorization vulnerability in Roxnor ElementsKit Elementor addons Lite elementskit-lite.This issue affects ElementsKit Elementor addons Lite: from n/a through <= 3.1.4. |
1Wpmet 1Elements Kit Elementor Addons Jan 16, 2025 Oct 26, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Comparison Widget in all versions up to, and including, 3.2.9 due to insufficient input sanitization and ou...Show more |
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video widget in all versions up to, and including, 3.2.7 due to insufficient input sanitization and outp...Show more |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ElementsKit ElementsKit Pro allows PHP Local File Inclusion.This issue affects ElementsKit Pro: from n/a through 3.6.0. |
1Wpmet 1Metform Elementor Contact Form Builder Apr 23, 2025 Aug 17, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload due to insufficient file type validation in versions up to, and including, 3.2.4. This allows unauthenticated visitors to pe...Show more |
The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping. This ma...Show more |
The ElementsKit Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.6 via the 'render_raw' function. This can allow authenticated attackers, with Contributor...Show more |
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta funct...Show more |
1Wpmet 1Elements Kit Elementor Addons Jan 16, 2025 Jul 18, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The ElementsKit Elementor addons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.2.0 due to a missing capability checks on ekit_widgetarea_content function. This makes i...Show more |
1Wpmet 1Elements Kit Elementor Addons Apr 9, 2025 Jun 19, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Missing Authorization vulnerability in Wpmet Elements kit Elementor addons.This issue affects Elements kit Elementor addons: from n/a through 2.9.0. |
The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Motion Text and Table widgets in all versions up to, and including, 3.6.2 due to insufficient input sanitization and...Show more |