Vulnerabilities in wproyal

71 results

CVE-2026-0664MEDIUMRoyal Elementor Addons <= 1.7.1049 - Authenticated (Contributor+) Stored Cross-Site Scripting via REST API Meta BypassEPSS 0.3%CVE-2024-3887MEDIUMRoyal Elementor Addons and Templates <= 1.3.974 - Authenticated (Contributor+) Stored Cross-Site Scripting via Form Builder WidgetEPSS 0.3%CVE-2026-5159MEDIUMRoyal Addons for Elementor <= 1.7.1056 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Follow Button Text' ParameterEPSS 0.3%CVE-2026-24382HIGHWordPress News Magazine X theme <= 1.2.50 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-4305MEDIUMRoyal WordPress Backup & Restore Plugin <= 1.0.16 - Reflected Cross-Site Scripting via 'wpr_pending_template' ParameterEPSS 0.3%CVE-2025-63018MEDIUMWordPress Bard theme <= 2.229 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-5428MEDIUMRoyal Addons for Elementor <= 1.7.1056 - Authenticated (Author+) Stored Cross-Site Scripting via Image Caption FieldEPSS 0.3%CVE-2026-6504MEDIUMRoyal Addons for Elementor <= 1.7.1058 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_tag' ParameterEPSS 0.3%CVE-2024-5818MEDIUMRoyal Elementor Addons and Templates <= 1.3.980 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider WidgetEPSS 0.2%CVE-2024-0514MEDIUMRoyal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via add_to_compareEPSS 0.2%CVE-2026-8118MEDIUMRoyal Addons for Elementor – Addons and Templates Kit for Elementor 1.7.1058 - 1.7.1059 - Authenticated (Contributor+) Arbitrary File Read via Data Table Widget CSV File SourceEPSS 0.2%CVE-2026-25436MEDIUMWordPress Royal Elementor Addons plugin < 1.7.1053 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-1456MEDIUMRoyal Elementor Addons and Templates <= 1.7.1012 - Authenticated DOM-Based (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-1455MEDIUMRoyal Elementor Addons and Templates <= 1.7.1012 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2024-0516MEDIUMRoyal Elementor Addons and Templates <= 1.3.87 - Missing Authorization via wpr_update_form_action_metaEPSS 0.2%CVE-2024-0512MEDIUMRoyal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via add_to_wishlistEPSS 0.2%CVE-2025-0393MEDIUMRoyal Elementor Addons and Templates <= 1.7.1006 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-12120MEDIUMRoyal Elementor Addons and Templates <= 1.7.1017 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-3813MEDIUMRoyal Elementor Addons and Templates <= 1.7.1020 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-5092MEDIUMMultiple Plugins and Themes <= (Various Versions) - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via lightGallery JavaScript LibraryEPSS 0.2%

← previouspage 3 / 4next →