cleantalk
Vulnerabilities and Security Researches

Elementor Addons, Widgets and Enhancements – Stax, 0ab16fc63ad77c8b7e6d60604282a5fc981f3f0b

CVE, Research URL

0ab16fc63ad77c8b7e6d60604282a5fc981f3f0b

Home page URL

Security reports for Elementor Addons, Widgets and Enhancements – Stax

Application

Elementor Addons, Widgets and Enhancements – Stax

Published on
Mar 21, 2023
Research Description
Elementor Addons, Widgets and Enhancements &#8211; Stax [stax-addons-for-elementor] < 1.4.4.1 (closed) WordPress Elementor Addons, Widgets and Enhancements – Stax Plugin <= 1.4.3 is vulnerable to Cross Site Request Forgery (CSRF) No patched version is available. No reply from the vendor. Lana Codes discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Elementor Addons, Widgets and Enhancements – Stax Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.
Affected versions
max 1.4.4.1.
Status
vulnerable
Previous vulnerability researches
Elementor Addons, Widgets and Enhancements &#8211; Stax (CVE-2024-37541) , Jul 08, 2024
Elementor Addons, Widgets and Enhancements &#8211; Stax (CVE-2024-3064) , Jun 06, 2024
Elementor Addons, Widgets and Enhancements &#8211; Stax (CVE-2023-2189) , Jun 06, 2024
Elementor Addons, Widgets and Enhancements &#8211; Stax (0ab16fc63ad77c8b7e6d60604282a5fc981f3f0b) , Jun 06, 2024
Elementor Addons, Widgets and Enhancements &#8211; Stax (CVE-2023-1807) , Jun 06, 2024
New vulnerability
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX &#8211; Best FOMO, Social Proof, WooCommerce Sales Popup &amp; Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System &#8211; Booking Calendar (CVE-2025-68515) , Mar 31, 2026
UPI QR Code Payment Gateway for WooCommerce (CVE-2025-67969) , Mar 31, 2026