Wp Royal Royal Elementor Addons vulnerabilities
12 known vulnerabilities affecting wp_royal/royal_elementor_addons.
Total CVEs
12
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM9
Vulnerabilities
Page 1 of 1
CVE-2024-32786P3CRITICALCVSS 9.8≥ n/a, ≤ 1.3.932024-05-17
CVE-2024-32786 [CRITICAL] CWE-290 CVE-2024-32786: Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functional
Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through 1.3.93.
nvd
CVE-2026-28135P3HIGHCVSS 8.2≤ 1.7.10522026-03-05
CVE-2026-28135 [HIGH] CWE-829 CVE-2026-28135: Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor A
Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1052.
nvd
CVE-2024-50442P3HIGHCVSS 7.2≤ 1.3.9802024-10-28
CVE-2024-50442 [HIGH] CWE-611 CVE-2024-50442: Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addo
Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through <= 1.3.980.
nvd
CVE-2026-40763P4MEDIUMCVSS 5.3≤ 1.7.10562026-04-15
CVE-2026-40763 [MEDIUM] CWE-862 CVE-2026-40763: Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows
Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1056.
nvd
CVE-2025-39543P4MEDIUMCVSS 6.5≤ 1.3.9772025-04-16
CVE-2025-39543 [MEDIUM] CWE-79 CVE-2025-39543: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through <= 1.3.977.
nvd
CVE-2024-56226P4MEDIUMCVSS 6.1≤ 1.7.10012024-12-31
CVE-2024-56226 [MEDIUM] CWE-79 CVE-2024-56226: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1001.
nvd
CVE-2024-31236P4MEDIUMCVSS 5.4≥ n/a, ≤ 1.3.932024-04-07
CVE-2024-31236 [MEDIUM] CWE-79 CVE-2024-31236: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through 1.3.93.
nvd
CVE-2024-56062P4MEDIUMCVSS 5.4≤ 1.3.9872024-12-31
CVE-2024-56062 [MEDIUM] CWE-79 CVE-2024-56062: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through <= 1.3.987.
nvd
CVE-2025-39361P4MEDIUMCVSS 5.4≤ 1.7.10172025-05-07
CVE-2025-39361 [MEDIUM] CWE-79 CVE-2025-39361: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1017.
nvd
CVE-2025-26990P4MEDIUMCVSS 4.9≤ 1.7.10062025-04-15
CVE-2025-26990 [MEDIUM] CWE-918 CVE-2025-26990: Server-Side Request Forgery (SSRF) vulnerability in WP Royal Royal Elementor Addons royal-elementor-
Server-Side Request Forgery (SSRF) vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Server Side Request Forgery.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1006.
nvd
CVE-2024-44001P4MEDIUMCVSS 5.4≤ 1.3.9822024-09-18
CVE-2024-44001 [MEDIUM] CWE-79 CVE-2024-44001: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons.This issue affects Royal Elementor Addons: from n/a through <= 1.3.982.
nvd
CVE-2024-56227P4MEDIUMCVSS 4.3≤ 1.7.10012024-12-31
CVE-2024-56227 [MEDIUM] CWE-862 CVE-2024-56227: Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows
Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1001.
nvd