Stylemixthemes Consulting Elementor Widgets vulnerabilities
6 known vulnerabilities affecting stylemixthemes/consulting_elementor_widgets.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-37091P2HIGHCVSS 8.8fixed in 1.3.1≥ n/a, ≤ 1.3.02024-06-24
CVE-2024-37091 [HIGH] CWE-77 CVE-2024-37091: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in StylemixThemes Consulting Elementor Widgets, StylemixThemes Masterstudy Elementor Widgets allows OS Command Injection.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0; Masterstudy Elementor Widgets: from n/a through 1.2.2.
nvd
CVE-2024-37089P3CRITICALCVSS 9.8fixed in 1.3.1≥ n/a, ≤ 1.3.02024-06-24
CVE-2024-37089 [CRITICAL] CWE-22 CVE-2024-37089: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Styl
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0.
nvd
CVE-2024-37090P3HIGHCVSS 8.8≤ 1.3.0≥ n/a, ≤ 1.3.02024-07-09
CVE-2024-37090 [HIGH] CWE-89 CVE-2024-37090: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Masterstudy Elementor Widgets, StylemixThemes Consulting Elementor Widgets.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2; Consulting Elementor Widgets: from n/a through 1.3.0.
nvd
CVE-2024-37092P3HIGHCVSS 8.8fixed in 1.3.1≥ n/a, ≤ 1.3.02024-06-24
CVE-2024-37092 [HIGH] CWE-22 CVE-2024-37092: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Styl
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0.
nvd
CVE-2025-64360P3HIGHCVSS 7.5≤ 1.4.22025-10-31
CVE-2025-64360 [HIGH] CWE-98 CVE-2025-64360: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through <= 1.4.2.
nvd
CVE-2025-64361P4MEDIUMCVSS 6.5≤ 1.4.22025-10-31
CVE-2025-64361 [MEDIUM] CWE-79 CVE-2025-64361: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows DOM-Based XSS.This issue affects Consulting Elementor Widgets: from n/a through <= 1.4.2.
nvd