Exclusive Addons Elementor

Tim Strifler

Developer

2.7.9.8

Latest version

60,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

25 patched

0 Mitigation rules

Authenticated(Contributor+) Stored Cross-Site Scripting via Post Grid vulnerability
<= 2.6.9.2
02/02/2026
Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action vulnerability
<= 2.6.9.4
02/02/2026
Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown vulnerability
<= 2.7.9.4
06/08/2025
Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget vulnerability
<= 2.7.9.1
27/05/2025
Cross Site Scripting (XSS) Vulnerability
<= 2.7.9
19/05/2025
Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Image Comparison Widgets vulnerability
<= 2.7.6
27/02/2025
Authenticated (Contributor+) Sensitive Information Exposure vulnerability
<= 2.7.4
28/10/2024
Cross-Site Scripting vulnerability
<= 2.7.1
15/10/2024
Contributor+ Stored Cross-Site Scripting via Card Widget vulnerability
<= 2.6.9.8
26/06/2024
Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Widget vulnerability
<= 2.6.9.6
15/05/2024
Broken Access Control on Post Duplication vulnerability
<= 2.6.9.1
29/04/2024
Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget vulnerability
<= 2.6.9.3
23/04/2024
Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Expired Title vulnerability
<= 2.6.9.4
23/04/2024
Cross Site Scripting (XSS) vulnerability
<= 2.6.9.2
16/04/2024
Broken Access Control vulnerability
<= 2.6.9
11/04/2024
Cross Site Scripting (XSS) vulnerability
<= 2.6.9
26/03/2024
Cross Site Scripting (XSS) vulnerability
<= 2.6.8
25/03/2024
Authenticated (Contributor+) Stored Cross-Site Scripting via Call To Action Widget vulnerability
<= 2.6.9
01/03/2024
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 2.6.9
01/03/2024
Authenticated (Contributor+) Stored Cross-Site Scripting via Covid-19 Stats Widget vulnerability
<= 2.6.9
01/03/2024
Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget vulnerability
<= 2.6.9
01/03/2024
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
<= 2.6.8
29/01/2024
Authenticated (Contributor+) Stored Cross-Site Scripting via Link Anything vulnerability
<= 2.6.8
29/01/2024
Cross-Site Request Forgery (CSRF) vulnerability
<= 2.6.1
21/03/2023
Cross-Site Request Forgery (CSRF) vulnerability
<= 2.6.1
27/01/2023