Filtered by vendor Nicheaddons
Subscribe
Total
16 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-54314 | 1 Nicheaddons | 1 Primary Addon For Elementor | 2025-04-11 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Primary Addon for Elementor allows Stored XSS.This issue affects Primary Addon for Elementor: from n/a through 1.6.0. | |||||
| CVE-2024-54315 | 1 Nicheaddons | 1 Events Addon For Elementor | 2025-04-11 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Events Addon for Elementor allows DOM-Based XSS.This issue affects Events Addon for Elementor: from n/a through 2.2.2. | |||||
| CVE-2024-54316 | 1 Nicheaddons | 1 Restaurant \& Cafe Addon For Elementor | 2025-04-11 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows DOM-Based XSS.This issue affects Restaurant & Cafe Addon for Elementor: from n/a through 1.5.8. | |||||
| CVE-2024-10670 | 1 Nicheaddons | 1 Primary Addon For Elementor | 2025-04-11 | N/A | 4.3 MEDIUM |
| The Primary Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.2 via the [prim_elementor_template] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created with Elementor that they should not have access to. | |||||
| CVE-2023-47826 | 1 Nicheaddons | 1 Restaurant \& Cafe Addon For Elementor | 2025-04-07 | N/A | 6.5 MEDIUM |
| Missing Authorization vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restaurant & Cafe Addon for Elementor: from n/a through 1.5.3. | |||||
| CVE-2024-5229 | 1 Nicheaddons | 1 Primary Addon For Elementor | 2025-04-04 | N/A | 6.4 MEDIUM |
| The Primary Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2024-51938 | 1 Nicheaddons | 1 Charity Addon For Elementor | 2025-03-31 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Charity Addon for Elementor allows DOM-Based XSS.This issue affects Charity Addon for Elementor: from n/a through 1.3.2. | |||||
| CVE-2024-12062 | 1 Nicheaddons | 1 Charity Addon For Elementor | 2025-03-27 | N/A | 4.3 MEDIUM |
| The Charity Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.2 via the 'nacharity_elementor_template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to. | |||||
| CVE-2024-49264 | 1 Nicheaddons | 1 Events Addon For Elementor | 2025-03-24 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Events Addon for Elementor allows Stored XSS.This issue affects Events Addon for Elementor: from n/a through 2.2.0. | |||||
| CVE-2024-49259 | 1 Nicheaddons | 1 Primary Addon For Elementor | 2025-03-24 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Primary Addon for Elementor allows Stored XSS.This issue affects Primary Addon for Elementor: from n/a through 1.5.8. | |||||
| CVE-2024-44033 | 1 Nicheaddons | 1 Primary Addon For Elementor | 2025-03-24 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Primary Addon for Elementor allows Stored XSS.This issue affects Primary Addon for Elementor: from n/a through 1.5.7. | |||||
| CVE-2024-44032 | 1 Nicheaddons | 1 Restaurant \& Cafe Addon For Elementor | 2025-03-24 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows Stored XSS.This issue affects Restaurant & Cafe Addon for Elementor: from n/a through 1.5.5. | |||||
| CVE-2024-44026 | 1 Nicheaddons | 1 Charity Addon For Elementor | 2025-03-24 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Charity Addon for Elementor allows Stored XSS.This issue affects Charity Addon for Elementor: from n/a through 1.3.0. | |||||
| CVE-2023-47827 | 1 Nicheaddons | 1 Events Addon For Elementor | 2024-11-21 | N/A | 6.5 MEDIUM |
| Incorrect Authorization vulnerability in NicheAddons Events Addon for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Events Addon for Elementor: from n/a through 2.1.3. | |||||
| CVE-2024-51585 | 1 Nicheaddons | 1 Sales Page Addon | 2024-11-15 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Sales Page Addon – Elementor & Beaver Builder allows Stored XSS.This issue affects Sales Page Addon – Elementor & Beaver Builder: from n/a through 1.4.2. | |||||
| CVE-2024-51581 | 1 Nicheaddons | 1 Restaurant \& Cafe Addon For Elementor | 2024-11-13 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows Stored XSS.This issue affects Restaurant & Cafe Addon for Elementor: from n/a through 1.5.6. | |||||