ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-13125 | 6.4 |
An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if re
|
21-07-2021 - 11:39 | 17-05-2020 - 01:15 | |
CVE-2021-24271 | 3.5 |
The “Ultimate Addons for Elementor” WordPress Plugin before 1.30.0 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
|
21-05-2021 - 15:20 | 05-05-2021 - 19:15 |