cleantalk
Vulnerabilities and Security Researches

ElementsKit Elementor addons, CVE-2021-24258

CVE, Research URL

CVE-2021-24258

Home page URL

Security reports for ElementsKit Elementor addons

Application

ElementsKit Elementor addons

Published on
May 06, 2021
Research Description
The Elements Kit Lite and Elements Kit Pro WordPress Plugins before 2.2.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Affected versions
Min -, max 2.2.0.
Status
vulnerable
Previous vulnerability researches
ElementsKit Elementor addons (CVE-2024-8546) , Sep 25, 2024
ElementsKit Elementor addons (CVE-2024-11180) , Mar 31, 2025
ElementsKit Elementor addons (CVE-2024-37255) , Jul 01, 2024
ElementsKit Elementor addons (CVE-2024-10091) , Oct 26, 2024
ElementsKit Elementor addons , Dec 27, 2024
New vulnerability
AI Search Bar (CVE-2025-31563) , Apr 04, 2025
Ship Per Product (CVE-2025-31773) , Apr 04, 2025
ContentBot AI Writer (ChatGPT, GPT3, GPT4) (CVE-2025-31818) , Apr 04, 2025
Oracle Cards Lite (CVE-2025-30852) , Apr 04, 2025
SCSS WP Editor (CVE-2025-31808) , Apr 04, 2025