Essential Addons for Elementor
WPDeveloper
Developer
6.5.13
Latest version
2,000,000
Installations
No date
Last updated
Vulnerability history
0 present
52 patched
7 Mitigation rules
- Authenticated (Contributor+) Stored Cross-Site Scripting via Info Box Widget vulnerability<= 6.5.913/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.1102/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery & Interactive Circle vulnerability<= 5.9.1502/02/2026
- Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Several Widgets vulnerability<= 5.9.1902/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table' vulnerability<= 5.9.1902/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery Widget vulnerability<= 6.0.302/02/2026
- Cross Site Scripting (XSS) vulnerability<= 6.5.306/01/2026
- Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability<= 6.0.431/12/2025
- Authenticated(Contributor+) Stored Cross-Site Scripting via Event Calendar Widget vulnerability<= 6.1.1231/12/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 6.5.316/12/2025
- Broken Access Control vulnerability<= 6.5.518/11/2025
- Broken Access Control vulnerability<= 6.2.417/09/2025
- Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'data-gallery-items' vulnerability<= 6.2.214/08/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via `Calendar` And `Business Reviews` Widgets vulnerability<= 6.1.1907/07/2025
- Authenticated(Contributor+) Stored Cross-Site Scripting via Pricing Table Widget vulnerability<= 6.1.1209/06/2025
- Sensitive Data Exposure Vulnerability<= 6.1.916/04/2025
- Cross Site Scripting (XSS) Vulnerability<= 6.1.916/04/2025
- Reflected Cross Site Scripting (XSS) vulnerability<= 6.0.1404/02/2025
- Cross Site Scripting (XSS) vulnerability<= 6.0.718/12/2024
- Authenticated (Author+) Sensitive Information Exposure to Privilege Escalation vulnerability<= 6.0.914/11/2024
- Authenticated (Contributor+) Sensitive Information Exposure vulnerability<= 6.0.914/11/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 6.0.714/11/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget vulnerability<= 6.0.311/09/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via no_more_items_text Parameter vulnerability<= 5.9.2713/08/2024
- Cross Site Scripting (XSS) vulnerability<= 5.9.2601/08/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.2311/06/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.2206/06/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Feed vulnerability<= 5.9.2129/05/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.2014/05/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via 'Interactive Circles' vulnerability<= 5.9.1910/05/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.1701/05/2024
- Information Exposure vulnerability<= 5.9.1525/04/2024
- Authenticated (Contributor+) Store Cross-Site Scripting via Widget URL Attribute vulnerability<= 5.9.1417/04/2024
- Authenticated (Author+) PHP Object Injection via error_resetpassword vulnerability<= 5.9.1301/04/2024
- Unauthenticated Sensitive Information Exposure vulnerability<= 5.9.1301/04/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.1126/03/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar vulnerability<= 5.9.912/03/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Data Table vulnerability<= 5.9.912/03/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery vulnerability<= 5.9.813/02/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion vulnerability<= 5.9.813/02/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.813/02/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.813/02/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.702/02/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Image URl vulnerability<= 5.9.418/01/2024
- Authenticated (Contributor+) Stored Cross-Site Scritping vulnerability<= 5.9.418/01/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.204/01/2024
- Contributor+ Privilege Escalation vulnerability<= 5.8.815/09/2023
- Unauthenticated MailChimp API Key Disclosure vulnerability<= 5.8.120/07/2023
- Unauthenticated Privilege Escalation vulnerability5.4.0-5.7.111/05/2023
- Reflected Cross-Site Scripting (XSS) vulnerability<= 5.0.818/02/2022
- Unauthenticated Local File Inclusion (LFI) vulnerability<= 5.0.431/01/2022
- Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities<= 4.5.313/04/2021