Vulnerabilities in posimyththemes
37 resultsCVE-2021-4331HIGHThe Plus Addons for Elementor PRO <= 4.1.9 & The Plus Addons for Elementor <= 2.0.6 - Authenticated (Contributor+) Privilege EscalationEPSS 0.9%CVE-2021-4332MEDIUMThe Plus Addons for Elementor PRO <= 4.1.9 & The Plus Addons for Elementor <= 2.0.6 - Authenticated (Contributor+) Arbitrary File ReadEPSS 0.8%CVE-2024-4484MEDIUMThe Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.5.2 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.7%CVE-2024-5455HIGHThe Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.5.6 - Authenticated (Contributor+) Local File InclusionEPSS 0.6%CVE-2024-2203MEDIUMThe Plus Addons for Elementor <= 5.4.1 - Authenticated (Contributor+) Local File Inclusion via Clients WidgetEPSS 0.6%CVE-2024-0445MEDIUMThe Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.5%CVE-2024-3199MEDIUMThe Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown WidgetEPSS 0.5%CVE-2024-2210MEDIUMThe Plus Addons for Elementor <= 5.4.1 - Authenticated (Contributor+) Local File Inclusion via Team Member ListingEPSS 0.5%CVE-2026-0726HIGHNexter Extension – Site Enhancements Toolkit <= 4.4.6 - Unauthenticated PHP Object Injection via 'nxt_unserialize_replace'EPSS 0.5%CVE-2024-3197MEDIUMThe Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom AttributesEPSS 0.4%CVE-2024-5020MEDIUMMultiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript LibraryEPSS 0.4%CVE-2024-3718MEDIUMThe Plus Addons for Elementor <= 5.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Progress Bar, Header Meta Content, Scroll Navigation, Pricing Table, & Flip BoxEPSS 0.4%CVE-2024-4482MEDIUMThe Plus Addons for Elementor <= 5.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown WidgetEPSS 0.4%CVE-2024-11829MEDIUMThe Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.1.8 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-4983MEDIUMThe Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.0- Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-8913MEDIUMThe Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.11 - Authenticated (Contributor+) Sensitive Information Exposure via content_templateEPSS 0.4%CVE-2024-5763MEDIUMThe Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video WidgetEPSS 0.4%CVE-2024-1419MEDIUMThe Plus Addons for Elementor <= 5.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting Header Meta Content WidgetEPSS 0.3%CVE-2024-10365MEDIUMThe Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.0.3 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor TemplatesEPSS 0.3%CVE-2024-2785MEDIUMThe Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age GateEPSS 0.3%