cleantalk
Vulnerabilities and Security Researches

UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element, CVE-2024-49277

CVE, Research URL

CVE-2024-49277

Home page URL

Security reports for UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element

Application

UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element

Published on
Oct 18, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodeAstrology Team UltraAddons Elementor Lite allows Stored XSS.This issue affects UltraAddons Elementor Lite: from n/a through 1.1.8.
Affected versions
Min -, max 1.1.8.
Status
vulnerable
Previous vulnerability researches
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (db4ed23e814e247654db61f48f5a3522297aeb2d) , Jun 07, 2024
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (CVE-2025-32264) , Apr 05, 2025
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (CVE-2024-49277) , Oct 20, 2024
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (CVE-2024-10696) , Nov 22, 2024
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (CVE-2024-37554) , Jul 08, 2024
New vulnerability
Woo Product Feed For Marketing Channels (CVE-2025-31377) , Apr 10, 2025
Easy custom css by webriti (CVE-2025-31395) , Apr 10, 2025
Checkout Mestres WP (CVE-2025-32695) , Apr 10, 2025
Request Call Back (CVE-2025-32483) , Apr 10, 2025
QR Master (CVE-2025-32116) , Apr 10, 2025