Abu Hurayra

Say thanks

2008.22

XP

207

Reports

2

Reports, last 90 days

#16

17 Nov, 2025

Lvl 5

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
King Addons for Elementor<= 51.1.36 Privilege Escalation	117.6	9.8	Jul 19, 2025
Blockspare<= 3.2.13.2 Sensitive Data Exposure	3.23	4.3	No date
Testimonial Slider<= 2.0.15 Broken Access Control	5.61	6.5	No date
SEO Meta Description Updater<= 1.2.0 Broken Access Control	2.42	4.3	No date
Nelio Content<= 4.0.5 Broken Access Control	4.88	6.5	No date
Post Grid and Gutenberg Blocks<= 2.3.17 Broken Access Control	11.21	6.5	No date
AR For WordPress<= 8.32 Cross Site Request Forgery (CSRF)	10.8	9.6	Jul 26, 2025
aThemes Addons for Elementor<= 1.1.2 Cross Site Scripting (XSS)	4.88	6.5	Jul 29, 2025
Stackable<= 3.18.1 Sensitive Data Exposure	12.9	4.3	Aug 5, 2025
Stackable<= 3.18.1 Broken Access Control	12.9	4.3	Aug 5, 2025
WordPress<= 6.8.2 Sensitive Data Exposure	64.5	4.3	Aug 4, 2025
PowerFolio<= 3.2.1 Cross Site Scripting (XSS)	4.88	6.5	Jul 16, 2025
Easy Hotel Booking<= 1.7.3 Cross Site Scripting (XSS)	N/A	6.5	Jul 17, 2025
Photo Gallery by Ays<= 6.3.8 Cross Site Scripting (XSS)	4.88	6.5	Jul 18, 2025
Open User Map<= 1.4.14 Cross Site Scripting (XSS)	4.88	6.5	Jul 19, 2025
Poll Maker<= 6.0.2 Cross Site Scripting (XSS)	4.88	6.5	Jul 19, 2025
Post Carousel Slider for Elementor<= 1.7.0 Broken Access Control	4.88	6.5	Jul 19, 2025
WPKoi Templates for Elementor<= 3.4.3 Cross Site Scripting (XSS)	4.88	6.5	Jul 26, 2025
Ultimate Store Kit Elementor Addons<= 2.8.6 Cross Site Scripting (XSS)	4.88	6.5	Jul 28, 2025
ZoloBlocks<= 2.3.12 Cross Site Scripting (XSS)	3.66	6.5	Jul 31, 2025
Qubely<= 1.8.14 Sensitive Data Exposure	3.23	4.3	Aug 5, 2025
All In One SEO Pack<= 4.8.7.1 Sensitive Data Exposure	25.8	4.3	Aug 11, 2025
All In One SEO Pack<= 4.8.7.1 Broken Access Control	32.4	5.4	Aug 11, 2025
Accordion<= 2.3.15 Broken Access Control	4.88	6.5	Aug 17, 2025
AppMySite<= 3.14.1 Broken Access Control	10.6	5.3	Aug 17, 2025
MaxiBlocks<= 2.1.3 Broken Access Control	2.81	5	Sep 5, 2025
Smart Blocks<= 2.4 Broken Access Control	3.71	4.3	Sep 5, 2025
Accordion<= 2.3.14 Broken Access Control	6.5	6.5	Aug 17, 2025
Rank Math SEO<= 1.0.252.1 Sensitive Data Exposure	39.56	4.3	No date
Rank Math SEO<= 1.0.252.1 Broken Access Control	17.48	3.8	No date
PostX<= 4.1.36 Broken Access Control	14.2	7.1	Aug 3, 2025
ElementInvader Addons for Elementor<= 1.3.6 Cross Site Scripting (XSS)	4.88	6.5	Jul 31, 2025
UiCore Elements<= 1.3.4 Cross Site Scripting (XSS)	9.75	6.5	Jul 28, 2025
Xpro Elementor Addons<= 1.4.17 Cross Site Scripting (XSS)	9.75	6.5	Jul 28, 2025
Otter - Gutenberg Block<= 3.1.0 Sensitive Data Exposure	75	7.5	Aug 3, 2025
Better Post & Filter Widgets for Elementor<= 1.6.1 Cross Site Scripting (XSS)	N/A	6.5	Jul 17, 2025
King Addons for Elementor<= 51.1.38 Broken Access Control	14.63	6.5	No date
King Addons for Elementor<= 51.1.38 Cross Site Scripting (XSS)	14.63	6.5	No date
B Blocks<= 2.0.5 Cross Site Scripting (XSS)	3.66	6.5	Jul 30, 2025
Magical Posts Display<= 1.2.52 Cross Site Scripting (XSS)	4.88	6.5	Jul 19, 2025
Easy Elementor Addons<= 2.2.6 Cross Site Scripting (XSS)	9.75	6.5	Jul 17, 2025
Omnipress<= 1.6.3 Cross Site Scripting (XSS)	4.88	6.5	May 25, 2025
GutenKit<= 2.2.2 Cross Site Scripting (XSS)	4.88	6.5	Mar 24, 2025
Spider Elements<= 1.6.6 Broken Access Control	6.4	6.4	Nov 27, 2024
Spider Elements<= 1.6.5 Cross Site Scripting (XSS)	4.88	6.5	Nov 27, 2024
Directorist AddonsKit for Elementor<= 1.1.6 Cross Site Scripting (XSS)	4.88	6.5	Nov 25, 2024
Team Members for Elementor Page Builder<= 1.0.4 Cross Site Scripting (XSS)	4.88	6.5	Nov 26, 2024
Designer<= 1.6.4 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
All Embed – Elementor Addons<= 1.1.3 Cross Site Scripting (XSS)	4.88	6.5	Nov 26, 2024
Elementor AI Addons<= 2.2.1 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
Button Block<= 1.1.5 Broken Access Control	3.23	4.3	Aug 27, 2024
Button Block<= 1.1.9 Cross Site Scripting (XSS)	4.88	6.5	Aug 27, 2024
S3Player – WooCommerce & Elementor Integration<= 4.2.1 Cross Site Scripting (XSS)	4.88	6.5	Nov 26, 2024
Hash Elements<= 1.5.0 Cross Site Scripting (XSS)	4.88	6.5	Aug 28, 2024
Nexter Blocks<= 4.0.7 Broken Access Control	5.52	6.4	Nov 27, 2024
Advanced Data Table For Elementor<= 1.0.0 Cross Site Scripting (XSS)	N/A	6.5	Nov 26, 2024
Easy Blocks pro<= 1.0.21 Broken Access Control	7.1	7.1	Oct 2, 2024
Prodigy Commerce<= 3.1.2 Broken Access Control	4.88	6.5	Oct 4, 2024
Prodigy Commerce<= 3.0.8 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
Responsive Addons for Elementor<= 1.5.4 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
Delisho<= 1.0.6 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
aThemes Addons for Elementor<= 1.0.7 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
Sastra Essential Addons for Elementor<= 1.0.5 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
HT Politic<= 2.4.4 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
Time Slot<= 1.3.6 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
Hyperlink Group Block<= 1.17.5 Cross Site Scripting (XSS)	4.88	6.5	Sep 8, 2024
Omnipress<= 1.4.3 Cross Site Scripting (XSS)	5.33	6.5	Sep 8, 2024
Da Reactions<= 5.1.5 Cross Site Scripting (XSS)	4.88	6.5	Oct 2, 2024
Plexx Elementor Extension<= 1.3.6 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
MAS Elementor<= 1.1.6 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
El mejor Cluster<= 1.1.15 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
Logo Carousel – Clients logo carousel for WP<= 1.2 Cross Site Scripting (XSS)	4.88	6.5	Aug 25, 2024
RTMKit<= 1.5.0 Cross Site Scripting (XSS)	4.88	6.5	Aug 28, 2024
Cozy Blocks<= 2.0.11 Cross Site Scripting (XSS)	4.88	6.5	Aug 26, 2024
Fluent Support<= 1.8.0 SQL Injection	17	8.5	Sep 6, 2024
Fluent Support<= 1.8.0 Broken Access Control	10.6	5.3	Sep 6, 2024
LA-Studio Element Kit for Elementor<= 1.3.9.2 Cross Site Scripting (XSS)	4.88	6.5	Mar 20, 2024
Ultimate Addons for Beaver Builder – Lite<= 1.5.9 Cross Site Scripting (XSS)	9.75	6.5	Feb 29, 2024
Xpro Elementor Addons<= 1.4.4.2 Cross Site Scripting (XSS)	4.88	6.5	Feb 28, 2024
Graphina<= 1.8.10 Cross Site Scripting (XSS)	4.88	6.5	Mar 20, 2024
Card Elements for Elementor<= 1.2.2 Cross Site Scripting (XSS)	4.88	6.5	Mar 28, 2024
Extensions for Elementor<= 2.0.31 Cross Site Scripting (XSS)	4.88	6.5	Mar 28, 2024
EazyDocs<= 2.5.0 Broken Access Control	7.1	7.1	Mar 18, 2024
EazyDocs<= 2.5.0 Cross Site Scripting (XSS)	4.88	6.5	Mar 18, 2024
Download Button for Elementor<= 1.2.1 Cross Site Scripting (XSS)	4.88	6.5	Mar 29, 2024
Sky Addons for Elementor<= 2.5.5 Cross Site Scripting (XSS)	4.88	6.5	Mar 29, 2024
UltraAddons Elementor Lite<= 2.0.0 Cross Site Scripting (XSS)	4.88	6.5	Mar 9, 2024
Image Hover Effects - Caption Hover with Carousel<= 3.0.2 Cross Site Scripting (XSS)	4.88	6.5	Mar 28, 2024
Elementor Addons, Widgets and Enhancements – Stax<= 1.4.4.1 Cross Site Scripting (XSS)	4.88	6.5	Mar 9, 2024
Cowidgets – Elementor Addons<= 1.1.1 Local File Inclusion	16.88	7.5	Mar 3, 2024
Ninja Beaver Add-ons for Beaver Builder<= 2.4.5 Cross Site Scripting (XSS)	4.88	6.5	Mar 3, 2024
Blogmentor – Blog Layouts for Elementor<= 1.5 Cross Site Scripting (XSS)	4.43	6.5	Mar 17, 2024
WP Post Author<= 3.6.7 Cross Site Scripting (XSS)	4.88	6.5	Nov 4, 2023
Testimonial Carousel For Elementor<= 10.1.1 Cross Site Scripting (XSS)	4.88	6.5	Mar 3, 2024
Master Addons for Elementor<= 2.0.5.9 Cross Site Scripting (XSS)	9.75	6.5	Feb 21, 2024
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)<= 1.5.109 Broken Access Control	18.54	4.3	Jan 3, 2024
Cowidgets – Elementor Addons<= 1.1.1 Cross Site Scripting (XSS)	4.88	6.5	Mar 2, 2024
themesflat-addons-for-elementor<= 2.1.2 Cross Site Scripting (XSS)	9.75	6.5	Jan 16, 2024
Master Addons for Elementor<= 2.0.5.4.1 Broken Access Control	26	6.5	Jan 15, 2024
Borderless<= 1.7.3 Cross Site Scripting (XSS)	4.88	6.5	Mar 28, 2024

Report vulnerabilities to earn bounties and rewards!

Include pending