D.Sim

**Name of the Vulnerable Software and Affected Versions** Animation Addons for Elementor versions prior to 2.6.8 **Description** The Animation Addons for Elementor plugin for WordPress contains a DOM-Based Stored Cross-Site Scripting issue. This occurs due to insufficient input sanitization and output escaping of multiple parameters. Authenticated attackers with Contributor-level access or higher can inject arbitrary web scripts into pages, which then execute when a user visits the affected page. **Recommendations** Update the plugin to a version later than 2.6.7.

**Name of the Vulnerable Software and Affected Versions** Xpro Addons — 140+ Widgets for Elementor plugin for WordPress versions up to and including 1.4.24 **Description** The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping on user-supplied attributes within the plugin’s Image Scroller widget, specifically the `box link` attribute. Authenticated attackers with contributor-level access or higher can inject malicious web scripts into pages. These scripts will execute when a user accesses the compromised page. **Recommendations** Update Xpro Addons — 140+ Widgets for Elementor plugin for WordPress to a version later than 1.4.24.

**Name of the Vulnerable Software and Affected Versions** RSS Aggregator plugin for WordPress versions up to and including 5.0.10 **Description** The RSS Aggregator plugin for WordPress is susceptible to Reflected Cross-Site Scripting. This is due to insufficient input sanitization and output escaping on user-supplied attributes within the `template` parameter. This allows unauthenticated attackers to inject arbitrary web scripts into pages. Successful exploitation requires tricking a user into performing an action, such as clicking a link. The vulnerable parameter is `template`. **Recommendations** Update the RSS Aggregator plugin to a version newer than 5.0.10.

**Name of the Vulnerable Software and Affected Versions** Unlimited Elements for Elementor plugin versions up to 2.0.1 **Description** The Unlimited Elements for Elementor plugin for WordPress has a Stored Cross-Site Scripting issue. This is caused by inadequate input sanitization and output escaping of user-provided URLs. An authenticated attacker with Contributor-level access or higher can inject malicious web scripts into pages. These scripts will execute when a user visits the compromised page. The vulnerable component is the Button Link field within the Border Hero widget. **Recommendations** Update the Unlimited Elements for Elementor plugin to a version later than 2.0.1.

**Name of the Vulnerable Software and Affected Versions** WPBITS Addons For Elementor plugin for WordPress versions up to and including 1.8 **Description** The software is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping when dynamic content is enabled. This allows authenticated attackers with contributor-level permissions or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the affected page. The issue affects multiple widget parameters. **Recommendations** Update WPBITS Addons For Elementor plugin for WordPress to a version later than 1.8.

**Name of the Vulnerable Software and Affected Versions** Name Directory plugin for WordPress versions through 1.30.3 **Description** The Name Directory plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping in the `name directory name` and `name directory description` parameters. This allows unauthenticated attackers to inject arbitrary web scripts into pages. When a user accesses an injected page, the scripts will execute. **Recommendations** Update the Name Directory plugin to a version later than 1.30.3.

**Name of the Vulnerable Software and Affected Versions** GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress versions through 1.1.7 **Description** The software is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping in the chat message field. This allows unauthenticated attackers to inject arbitrary web scripts into pages. These scripts will execute when an administrator accesses the Chat History page. **Recommendations** Update GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress to a version later than 1.1.7.

**Name of the Vulnerable Software and Affected Versions** Happy Addons for Elementor versions up to and including 3.20.3 **Description** The Happy Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the `ha page custom js` parameter. Insufficient input sanitization and output escaping allow authenticated attackers with Contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the injected page. **Recommendations** Happy Addons for Elementor versions prior to 3.20.4 should be updated.

**Name of the Vulnerable Software and Affected Versions** Five Star Restaurant Reservations – WordPress Booking Plugin versions prior to 2.7.6 **Description** The Five Star Restaurant Reservations – WordPress Booking Plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping of the `rtb-name` parameter. This allows unauthenticated attackers to inject malicious web scripts into pages, which will then execute when a user accesses those pages. **Recommendations** Update Five Star Restaurant Reservations – WordPress Booking Plugin to version 2.7.6 or later.

**Name of the Vulnerable Software and Affected Versions** The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress versions up to and including 2.10.2 **Description** The software is susceptible to a Stored Cross-Site Scripting issue due to inadequate input sanitization and output escaping. Specifically, the guest display name field is not properly validated, allowing unauthenticated attackers to inject arbitrary web scripts. These scripts will execute when a user accesses an injected page. **Recommendations** Update The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress to a version later than 2.10.2.

**Name of the Vulnerable Software and Affected Versions** All-in-One Addons for Elementor – WidgetKit versions prior to 2.5.7 **Description** The All-in-One Addons for Elementor – WidgetKit plugin for WordPress has a flaw that allows malicious code to be stored and executed when a user views a page containing the injected code. This impacts the Team and Countdown widgets due to inadequate handling of user-provided data, specifically insufficient input sanitization and output escaping of user-supplied attributes. An attacker with contributor-level access or higher can inject arbitrary web scripts into pages. These scripts will then execute in the browsers of users who access the affected pages. **Recommendations** Update All-in-One Addons for Elementor – WidgetKit to version 2.5.7 or later.

**Name of the Vulnerable Software and Affected Versions** Livemesh SiteOrigin Widgets plugin for WordPress versions prior to 3.9.2 **Description** The Livemesh SiteOrigin Widgets plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Hero Header and Pricing Table widgets. Insufficient input sanitization and output escaping of user-supplied attributes allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the affected page. **Recommendations** Update the Livemesh SiteOrigin Widgets plugin to version 3.9.2 or later.

**Name of the Vulnerable Software and Affected Versions** MarqueeAddons plugin for WordPress versions through 2.4.3 **Description** The MarqueeAddons plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Testimonial Marquee widget. Insufficient input sanitization and output escaping on user-supplied attributes allow authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the injected page. **Recommendations** Update the MarqueeAddons plugin to a version later than 2.4.3.

**Name of the Vulnerable Software and Affected Versions** King Addons for Elementor plugin for WordPress versions through 51.1.39 **Description** The King Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping on user-supplied attributes within the Pricing Slider, Pricing Calculator, and Image Accordion widgets. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts into pages. These scripts will execute when a user accesses the affected page. **Recommendations** Update the King Addons for Elementor plugin to a version later than 51.1.39.

**Name of the Vulnerable Software and Affected Versions** Enter Addons plugin for WordPress versions through 2.2.7 **Description** The Enter Addons plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Countdown and Image Comparison widgets. This is due to inadequate input sanitization and output escaping of user-provided attributes. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts into pages. These scripts will execute when a user accesses the affected page. **Recommendations** Update the Enter Addons plugin to a version newer than 2.2.7.

**Name of the Vulnerable Software and Affected Versions** JetWidgets For Elementor plugin for WordPress versions prior to 1.0.21 **Description** The JetWidgets For Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Image Comparison and Subscribe widgets. Insufficient input sanitization and output escaping on user-supplied attributes allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the affected page. **Recommendations** Update the JetWidgets For Elementor plugin to version 1.0.21 or later.

**Name of the Vulnerable Software and Affected Versions** Gutenify – Visual Site Builder Blocks & Site Templates plugin for WordPress versions up to and including 1.5.9 **Description** The Gutenify plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping of user-provided attributes within the plugin’s block attributes. Authenticated attackers possessing contributor-level access or higher can inject malicious web scripts into pages. These scripts will then execute whenever a user accesses the compromised page. **Recommendations** Update the Gutenify – Visual Site Builder Blocks & Site Templates plugin to a version later than 1.5.9.

**Name of the Vulnerable Software and Affected Versions** RTMKit Addons for Elementor plugin for WordPress versions up to and including 1.6.1 **Description** The RTMKit Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting. This occurs through insufficient input sanitization and output escaping on user-supplied attributes within the plugin’s Accordion Block. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts into pages. These scripts will execute whenever a user accesses the affected page. **Recommendations** Update the RTMKit Addons for Elementor plugin to a version later than 1.6.1.

**Name of the Vulnerable Software and Affected Versions** Element Pack Addons for Elementor plugin for WordPress versions up to and including 8.3.4 **Description** The Element Pack Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Open Street Map widget’s marker content parameter. This is a result of inadequate input sanitization and output escaping of user-provided attributes within the render function. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts into pages, which will then execute when a user accesses the affected page. **Recommendations** Update Element Pack Addons for Elementor plugin for WordPress to a version later than 8.3.4.

**Name of the Vulnerable Software and Affected Versions** Testimonial Carousel For Elementor plugin for WordPress versions prior to 11.6.3 **Description** The Testimonial Carousel For Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping. This allows authenticated attackers with contributor-level access or higher to inject malicious web scripts into pages. These scripts will then execute whenever a user accesses the compromised page. The issue affects multiple parameters. **Recommendations** Update the Testimonial Carousel For Elementor plugin to version 11.6.3 or later.