Vulnerabilities and security researches forut-elementor-addons-lite ut-elementor-addons-lite

Mar 01, 2025

CVE, Research URL: CVE-2024-13832
Home page URL: Security reports for Ultra Addons Lite for Elementor
Application: Ultra Addons Lite for Elementor
Date: Feb 28, 2025
Research Description: The Ultra Addons Lite for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.8 via the 'ut_elementor' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to.
Affected versions: Min -, max -.
Status: vulnerable

Apr 05, 2025

CVE, Research URL: CVE-2025-32192
Home page URL: Security reports for Ultra Addons Lite for Elementor
Application: Ultra Addons Lite for Elementor
Date: Apr 04, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UltraPress Ultra Addons Lite for Elementor allows Stored XSS. This issue affects Ultra Addons Lite for Elementor: from n/a through 1.1.8.
Affected versions: Min -, max -.
Status: vulnerable