cleantalk
Vulnerabilities and Security Researches

130+ Widgets | Best Addons For Elementor – FREE, CVE-2024-10319

CVE, Research URL

CVE-2024-10319

Home page URL

Security reports for 130+ Widgets | Best Addons For Elementor – FREE

Application

130+ Widgets | Best Addons For Elementor – FREE

Published on
Nov 05, 2024
Research Description
The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the render function in widgets/content-toggle/layout/frontend.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.
Affected versions
Min -, max 1.4.6.1.
Status
vulnerable
Previous vulnerability researches
130+ Widgets | Best Addons For Elementor – FREE (CVE-2024-54253) , Dec 11, 2024
130+ Widgets | Best Addons For Elementor – FREE (CVE-2024-12584) , Jan 08, 2025
130+ Widgets | Best Addons For Elementor – FREE (CVE-2025-2108) , Mar 21, 2025
130+ Widgets | Best Addons For Elementor – FREE (CVE-2025-32163) , Apr 05, 2025
130+ Widgets | Best Addons For Elementor – FREE (CVE-2024-2250) , Jun 07, 2024
New vulnerability
Raptive Ads (CVE-2025-32554) , Apr 17, 2025
Contact Form by Supsystic (CVE-2024-13452) , Apr 17, 2025
Affiliate Links Lite (CVE-2025-32639) , Apr 17, 2025
Administrator Z (CVE-2025-26959) , Apr 17, 2025
Simple Social Media Share Buttons – Social Sharing for Everyone (CVE-2024-13610) , Apr 17, 2025