Vulnerabilities in bdthemes
84 resultsCVE-2025-49903MEDIUMWordPress ZoloBlocks plugin <= 2.3.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-47392MEDIUMWordPress Element Pack Elementor Addons plugin <= 5.7.5 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-43342MEDIUMWordPress Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-47629MEDIUMWordPress Ultimate Store Kit Elementor Addons plugin <= 2.0.5 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-40745HIGHWordPress Element Pack Elementor Addons plugin <= 8.4.2 - SQL Injection vulnerabilityEPSS 0.2%CVE-2025-7644MEDIUMPixel Gallery Addons for Elementor – Easy Grid, Creative Gallery, Drag and Drop Grid, Custom Grid Layout, Portfolio Gallery <= 1.6.7 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2024-9058MEDIUMElement Pack Elementor Addons <= 5.10.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Lightbox WidgetEPSS 0.2%CVE-2025-24584MEDIUMWordPress Ultimate Store Kit Elementor Addons plugin <= 2.3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-9075MEDIUMZoloBlocks – Gutenberg Block Editor Plugin with Advanced Blocks, Dynamic Content, Templates & Patterns <= 2.3.10 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-12134MEDIUMZoloBlocks <= 2.3.11 - Missing Authorization to Unauthenticated Popup Enable/DisableEPSS 0.2%CVE-2025-11536MEDIUMElement Pack Addons for Elementor <= 8.2.5 - Authenticated (Subscriber+) Blind Server-Side Request ForgeryEPSS 0.2%CVE-2024-12043MEDIUMPrime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) <= 3.16.5 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-60161MEDIUMWordPress ZoloBlocks Plugin <= 2.3.11 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2025-58230MEDIUMWordPress ZoloBlocks plugin <= 2.3.12 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-58017MEDIUMWordPress Ultimate Store Kit Elementor Addons plugin <= 2.8.6 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-5292MEDIUMElement Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks, Widgets and WooCommerce Builder <= 5.11.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-1458MEDIUMElement Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) <= 5.10.29 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-46258MEDIUMWordPress Element Pack Pro Plugin < 8.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-2168MEDIUMUltimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 2.4.1 - Cross-Site Request Forgery to Limited User Meta UpdateEPSS 0.2%CVE-2025-69336MEDIUMWordPress Ultimate Store Kit Elementor Addons plugin <= 2.9.4 - Broken Access Control vulnerabilityEPSS 0.2%