cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forthe-pack-addon the-pack-addon

Direction: descending
Oct 12, 2025

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) # CVE-2025-8214

CVE, Research URL

CVE-2025-8214

Home page URL

Security reports for The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Date
Sep 30, 2025
Research Description
The The Pack Elementor addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typing Letter widget in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 2.1.5.
Status
vulnerable
Jul 02, 2025

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) # CVE-2025-6550

CVE, Research URL

CVE-2025-6550

Home page URL

Security reports for The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Date
Jun 27, 2025
Research Description
The The Pack Elementor addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slider_options’ parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 2.1.3.
Status
vulnerable
Apr 25, 2025

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) # CVE-2025-46472

CVE, Research URL

CVE-2025-46472

Home page URL

Security reports for The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Date
Apr 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon The Pack Elementor addons allows Stored XSS. This issue affects The Pack Elementor addons: from n/a through 2.1.2.
Affected versions
max 2.1.2.
Status
vulnerable
Apr 02, 2025

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) # CVE-2025-30925

CVE, Research URL

CVE-2025-30925

Home page URL

Security reports for The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Date
Mar 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon The Pack Elementor addons allows Stored XSS. This issue affects The Pack Elementor addons: from n/a through 2.1.1.
Affected versions
max 2.1.2.
Status
vulnerable

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) # CVE-2025-30845

CVE, Research URL

CVE-2025-30845

Home page URL

Security reports for The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Date
Mar 27, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in webangon The Pack Elementor addons allows PHP Local File Inclusion. This issue affects The Pack Elementor addons: from n/a through 2.1.1.
Affected versions
max 2.1.2.
Status
vulnerable
Nov 12, 2024

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) # CVE-2024-52356

CVE, Research URL

CVE-2024-52356

Home page URL

Security reports for The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Date
Nov 11, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webangon The Pack Elementor addons allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through 2.1.0.
Affected versions
max 2.1.1.
Status
vulnerable
Oct 28, 2024

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) # CVE-2024-50453

CVE, Research URL

CVE-2024-50453

Home page URL

Security reports for The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

Date
-
Research Description
The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library) [the-pack-addon] < 2.1.0 CVE-2024-50453
Affected versions
max 2.1.0.
Status
vulnerable
Oct 03, 2024

The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library) # CVE-2024-47383

CVE, Research URL

CVE-2024-47383

Home page URL

Security reports for The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library)

Date
Oct 05, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webangon The Pack Elementor addons allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through 2.0.8.8.
Affected versions
max 2.0.9.
Status
vulnerable
Jul 20, 2024

The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library) # CVE-2024-38768

CVE, Research URL

CVE-2024-38768

Home page URL

Security reports for The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library)

Date
Aug 02, 2024
Research Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Webangon The Pack Elementor addons allows PHP Local File Inclusion, Path Traversal.This issue affects The Pack Elementor addons: from n/a through 2.0.8.6.
Affected versions
max 2.0.8.7.
Status
vulnerable
Jun 06, 2024

The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library) # CVE-2024-32718

CVE, Research URL

CVE-2024-32718

Home page URL

Security reports for The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library)

Date
Apr 24, 2024
Research Description
Server-Side Request Forgery (SSRF) vulnerability in Webangon The Pack Elementor.This issue affects The Pack Elementor addons: from n/a through 2.0.8.2.
Affected versions
max 2.0.8.3.
Status
vulnerable

The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library) # CVE-2024-32785

CVE, Research URL

CVE-2024-32785

Home page URL

Security reports for The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library)

Application

The Pack Elementor addons (Header Footer &amp; WooCommerce Builder, Template Library)

Date
Apr 24, 2024
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Webangon The Pack Elementor addons allows Cross-Site Scripting (XSS).This issue affects The Pack Elementor addons: from n/a through 2.0.8.3.
Affected versions
max 2.0.8.4.
Status
vulnerable