Exposición de Elementor
Page builders, WordPress plugins702
score de exposición
960.635
sitios usan
0
en explotación
46
críticos
CVEs
1532 resultadosCVE-2024-5757MEDIUMElementor Header & Footer Builder <= 1.6.35 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Title WidgetEPSS 0.4%CVE-2024-3718MEDIUMThe Plus Addons for Elementor <= 5.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Progress Bar, Header Meta Content, Scroll Navigation, Pricing Table, & Flip BoxEPSS 0.4%CVE-2024-4482MEDIUMThe Plus Addons for Elementor <= 5.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown WidgetEPSS 0.4%CVE-2024-5662MEDIUMUltimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) <= 3.11.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Social Count (Static) WidgetEPSS 0.4%CVE-2024-8899MEDIUMJeg Elementor Kit <= 2.6.9 - Authenticated (Contributor+) Sensitive Information Exposure via sg_content_templateEPSS 0.4%CVE-2023-48759HIGHWordPress JetElements For Elementor plugin <= 2.6.13 - Unauthenticated Arbitrary Attachment Download vulnerabilityEPSS 0.4%CVE-2024-1996MEDIUMPremium Addons for Elementor PRO <= 2.9.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via widget linkEPSS 0.4%CVE-2024-9059MEDIUMRoyal Elementor Addons and Template <= 1.7.1001 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Google Maps WidgetEPSS 0.4%CVE-2024-9668MEDIUMRoyal Elementor Addons and Templates <= 1.7.1001 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown WidgetEPSS 0.4%CVE-2024-32681MEDIUMWordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35660MEDIUMWordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on API vulnerabilityEPSS 0.4%CVE-2024-3547MEDIUMUnlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Reflected Cross-Site ScriptingEPSS 0.4%CVE-2024-5036MEDIUMSina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-6455MEDIUMElementsKit Elementor addons <= 3.2.0 - Unauthenticated Information Exposure via ekit_widgetarea_content FunctionEPSS 0.4%CVE-2024-12046MEDIUMMedical Addon for Elementor <= 1.6.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via ShortcodeEPSS 0.4%CVE-2025-6325CRITICALWordPress King Addons for Elementor plugin <= 51.1.36 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2024-29101MEDIUMWordPress Jeg Elementor Kit plugin <= 2.6.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-43293MEDIUMWordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.3.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-23683MEDIUMWordPress White Label Branding for Elementor Page Builder Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2022-47170MEDIUMWordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.48 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →