Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Leap13 — Vulnerabilities & Security Advisories 41

Browse all 41 CVE security advisories affecting Leap13. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Leap13 operates as a provider of enterprise software solutions, primarily focusing on workflow automation and document management systems for large organizations. Security audits have identified forty-one distinct Common Vulnerabilities and Exposures (CVEs) associated with its platform, indicating a persistent history of security deficiencies. The most prevalent vulnerability classes include remote code execution, cross-site scripting, and broken access control mechanisms that allow unauthorized privilege escalation. These flaws often stem from insufficient input validation and inadequate authentication checks within the application’s core architecture. While specific major incidents involving data breaches remain largely unpublicized, the high volume of disclosed CVEs suggests systemic weaknesses in the development lifecycle. The company has faced scrutiny for the frequency of these updates, highlighting challenges in maintaining robust security postures for complex enterprise tools.

Top products by Leap13: Premium Addons for Elementor – Powerful Elementor Templates & Widgets Premium Addons for Elementor Premium Blocks – Gutenberg Blocks for WordPress Premium Addons PRO Disable Elementor Editor Translation
CVE IDTitleCVSSSeverityPublished
CVE-2026-4790 Premium Addons for Elementor <= 4.11.70 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'custom_svg' Parameter — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 5.4 Medium2026-05-02
CVE-2025-69300 WordPress Premium Addons for Elementor plugin <= 4.11.63 - Settings Change vulnerability — Premium Addons for ElementorCWE-862 5.4 Medium2026-01-22
CVE-2025-68494 WordPress Premium Addons for Elementor plugin <= 4.11.53 - Sensitive Data Exposure vulnerability — Premium Addons for ElementorCWE-497 5.3 Medium2025-12-24
CVE-2025-14163 Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template' — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-352 4.3 Medium2025-12-23
CVE-2025-14155 Premium Addons for Elementor <= 4.11.53 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'get_template_content' — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-862 5.3 Medium2025-12-23
CVE-2024-11937 Premium Addons for Elementor <= 4.10.69 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2025-07-04
CVE-2025-4774 Premium Addons for Elementor <= 4.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2025-06-10
CVE-2025-22671 WordPress Disable Elementor Editor Translation plugin <= 1.0.2 - Broken Access Control vulnerability — Disable Elementor Editor TranslationCWE-862 4.3 Medium2025-03-27
CVE-2024-56245 WordPress Premium Blocks plugin <= 2.1.42 - Cross Site Scripting (XSS) vulnerability — Premium Blocks – Gutenberg Blocks for WordPressCWE-79 6.5 Medium2025-01-02
CVE-2024-56225 WordPress Premium Addons for Elementor plugin <= 4.10.56 - Broken Access Control vulnerability — Premium Addons for ElementorCWE-862 5.4 Medium2024-12-31
CVE-2024-10266 Premium Addons for Elementor <= 4.10.60 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Video Box Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-10-29
CVE-2021-4445 Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-862 6.5 Medium2024-10-16
CVE-2024-47368 WordPress Premium Blocks plugin <= 2.1.33 - Cross Site Scripting (XSS) vulnerability — Premium Blocks – Gutenberg Blocks for WordPressCWE-79 6.5 Medium2024-10-06
CVE-2024-8681 Premium Addons for Elementor <= 4.10.52 - Authenticated (Contributor+) Stored Cross-Site Scripting via Media Grid Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-09-27
CVE-2024-6824 Premium Addons for Elementor <= 4.10.38 - Missing Authorization to Authenticated (Contributor+) Arbitrary Content Deletion and Arbitrary Title Update — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-862 4.3 Medium2024-08-08
CVE-2024-37519 WordPress Premium Blocks – Gutenberg Blocks for WordPress plugin <= 2.1.27 - Cross Site Scripting (XSS) vulnerability — Premium Blocks – Gutenberg Blocks for WordPressCWE-79 6.5 Medium2024-07-21
CVE-2024-37922 WordPress Premium Addons for Elementor plugin <= 4.10.34 - Cross Site Scripting (XSS) vulnerability — Premium Addons for ElementorCWE-79 6.5 Medium2024-07-20
CVE-2024-6495 Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-07-12
CVE-2024-6434 Premium Addons for Elementor <= 4.10.35 - Regular Expressions Denial of Service — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-400 3.1 Low2024-07-04
CVE-2024-6340 Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-07-03
CVE-2024-5553 Premium Addons for Elementor <= 4.10.33 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 4.4 Medium2024-06-12
CVE-2024-4379 Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Global Tooltip — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 5.4 Medium2024-05-31
CVE-2024-4376 Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-31
CVE-2024-4205 Premium Addons for Elementor <= 4.10.31 - Missing Authorization to Information Disclosure — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-862 4.3 Medium2024-05-31
CVE-2024-4378 Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Menu and Shape Divider — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-23
CVE-2024-4203 Premium Addons for Elementor <= 4.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 5.4 Medium2024-05-02
CVE-2024-3647 Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style' — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-02
CVE-2024-3885 Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-02
CVE-2024-32791 WordPress Premium Addons for Elementor plugin <= 4.10.25 - Cross Site Scripting (XSS) vulnerability — Premium Addons for ElementorCWE-79 6.5 Medium2024-04-24
CVE-2024-31278 WordPress Premium Addons for Elementor plugin <= 4.10.22 - Sensitive Data Exposure vulnerability — Premium Addons for ElementorCWE-201 4.3 Medium2024-04-10

This page lists every published CVE security advisory associated with Leap13. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.