cleantalk
Vulnerabilities and Security Researches

ElementsKit Elementor addons, CVE-2021-24258

CVE, Research URL

CVE-2021-24258

Home page URL

Security reports for ElementsKit Elementor addons

Application

ElementsKit Elementor addons

Published on
May 06, 2021
Research Description
The Elements Kit Lite and Elements Kit Pro WordPress Plugins before 2.2.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Affected versions
max 2.2.0.
Status
vulnerable
Previous vulnerability researches
ElementsKit Elementor addons (CVE-2024-8546) , Sep 25, 2024
ElementsKit Elementor addons (CVE-2024-11180) , Mar 31, 2025
ElementsKit Elementor addons (CVE-2024-37255) , Jul 01, 2024
ElementsKit Elementor addons (CVE-2024-10091) , Oct 26, 2024
ElementsKit Elementor addons , Dec 27, 2024
New vulnerability
FileBird – WordPress Media Library Folders & File Manager (CVE-2025-11510) , Oct 29, 2025
WordPress Webinar Plugin – WebinarPress (CVE-2025-62972) , Oct 29, 2025
Genealogical Tree – WordPress Family Tree (CVE-2025-58023) , Oct 12, 2025
WPB Quick View Popup for WooCommerce – Display Product Informations in Popup on Button Click (CVE-2025-57967) , Oct 12, 2025
Mixtape (CVE-2025-9860) , Oct 12, 2025