Vulnerabilities and security researches forgold-addons-for-elementor gold-addons-for-elementor

Dec 07, 2024

CVE, Research URL: CVE-2024-12110
Home page URL: Security reports for Gold Addons for Elementor
Application: Gold Addons for Elementor
Date: Dec 06, 2024
Research Description: The Gold Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate() and deactivate() functions in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate and deactivate licenses.
Affected versions: max 1.3.2.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: CVE-2024-34563
Home page URL: Security reports for Gold Addons for Elementor
Application: Gold Addons for Elementor
Date: May 08, 2024
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoldAddons Gold Addons for Elementor allows Stored XSS.This issue affects Gold Addons for Elementor: from n/a through 1.2.9.
Affected versions: max 1.3.0.
Status: vulnerable