Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Leap13 — Vulnerabilities & Security Advisories 41

Browse all 41 CVE security advisories affecting Leap13. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Leap13 operates as a provider of enterprise software solutions, primarily focusing on workflow automation and document management systems for large organizations. Security audits have identified forty-one distinct Common Vulnerabilities and Exposures (CVEs) associated with its platform, indicating a persistent history of security deficiencies. The most prevalent vulnerability classes include remote code execution, cross-site scripting, and broken access control mechanisms that allow unauthorized privilege escalation. These flaws often stem from insufficient input validation and inadequate authentication checks within the application’s core architecture. While specific major incidents involving data breaches remain largely unpublicized, the high volume of disclosed CVEs suggests systemic weaknesses in the development lifecycle. The company has faced scrutiny for the frequency of these updates, highlighting challenges in maintaining robust security postures for complex enterprise tools.

Found 28 results / 41Clear Filters
Top products by Leap13: Premium Addons for Elementor – Powerful Elementor Templates & Widgets Premium Addons for Elementor Premium Blocks – Gutenberg Blocks for WordPress Premium Addons PRO Disable Elementor Editor Translation
CVE IDTitleCVSSSeverityPublished
CVE-2026-4790 Premium Addons for Elementor <= 4.11.70 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'custom_svg' Parameter — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 5.4 Medium2026-05-02
CVE-2025-14163 Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template' — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-352 4.3 Medium2025-12-23
CVE-2025-14155 Premium Addons for Elementor <= 4.11.53 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'get_template_content' — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-862 5.3 Medium2025-12-23
CVE-2024-11937 Premium Addons for Elementor <= 4.10.69 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2025-07-04
CVE-2025-4774 Premium Addons for Elementor <= 4.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2025-06-10
CVE-2024-10266 Premium Addons for Elementor <= 4.10.60 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Video Box Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-10-29
CVE-2021-4445 Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-862 6.5 Medium2024-10-16
CVE-2024-8681 Premium Addons for Elementor <= 4.10.52 - Authenticated (Contributor+) Stored Cross-Site Scripting via Media Grid Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-09-27
CVE-2024-6824 Premium Addons for Elementor <= 4.10.38 - Missing Authorization to Authenticated (Contributor+) Arbitrary Content Deletion and Arbitrary Title Update — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-862 4.3 Medium2024-08-08
CVE-2024-6495 Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-07-12
CVE-2024-6434 Premium Addons for Elementor <= 4.10.35 - Regular Expressions Denial of Service — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-400 3.1 Low2024-07-04
CVE-2024-6340 Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-07-03
CVE-2024-5553 Premium Addons for Elementor <= 4.10.33 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 4.4 Medium2024-06-12
CVE-2024-4379 Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Global Tooltip — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 5.4 Medium2024-05-31
CVE-2024-4376 Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-31
CVE-2024-4205 Premium Addons for Elementor <= 4.10.31 - Missing Authorization to Information Disclosure — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-862 4.3 Medium2024-05-31
CVE-2024-4378 Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Menu and Shape Divider — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-23
CVE-2024-4203 Premium Addons for Elementor <= 4.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 5.4 Medium2024-05-02
CVE-2024-3647 Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style' — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-02
CVE-2024-3885 Premium Addons for Elementor <= 4.10.28 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-02
CVE-2024-2666 Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 5.4 Medium2024-04-10
CVE-2024-2665 Premium Addons for Elementor <= 4.10.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-04-10
CVE-2024-2664 Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-04-10
CVE-2024-0376 Premium Addons for Elementor <= 4.10.16 - Authenticated(Contributor+) Stored Cross-Site Scripting via Wrapper Link Widget — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-04-09
CVE-2024-2399 Premium Addons for Elementor <= 4.10.23 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-03-15
CVE-2024-1680 Premium Addons for Elementor <= 4.10.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner, Team Members, and Image Scroll Widgets — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-03-13
CVE-2024-0326 Premium Addons for Elementor <= 4.10.17 - Authenticated(Contributor+) Stored Cross-Site Scripting via Link Wrapper — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-03-13
CVE-2024-1242 Premium Addons for Elementor <= 4.10.18 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Addons for Elementor – Powerful Elementor Templates & WidgetsCWE-79 6.4 Medium2024-02-20

This page lists every published CVE security advisory associated with Leap13. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.