Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPvibes — Vulnerabilities & Security Advisories 34

Browse all 34 CVE security advisories affecting WPvibes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WPVibes operates as a white-label solution provider, enabling businesses to launch customized WordPress-based platforms for content, e-commerce, and social networking. Despite its utility, the platform has accumulated thirty-four recorded Common Vulnerabilities and Exposures, reflecting significant historical security deficiencies. These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation, often stemming from inadequate input validation and insufficient access controls within its modular architecture. The high volume of CVEs suggests systemic issues in code review processes and dependency management, allowing attackers to compromise server integrity or steal user data. While specific major public breaches are not widely documented in mainstream media, the persistent nature of these vulnerabilities indicates a critical need for rigorous patching and security auditing. Organizations utilizing WPVibes must prioritize immediate updates and implement strict security monitoring to mitigate the risk of exploitation inherent in its current software state.

Found 20 results / 34Clear Filters
Top products by WPvibes: Addon Elements for Elementor (formerly Elementor Addon Elements) Elementor Addon Elements WP Mail Log Form Vibes – Database Manager for Forms Redirect 404 Error Page to Homepage or Custom Page with Logs Dynific Addons for Elementor (formerly AnyWhere Elementor) AnyWhere Elementor Pro
CVE IDTitleCVSSSeverityPublished
CVE-2025-12537 Addon Elements for Elementor <= 1.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2025-12-14
CVE-2024-13215 Elementor Addon Elements <= 1.13.10 - Authenticated (Contributor+) Sensitive Information Exposure via Modal Popup — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-359 4.3 Medium2025-01-15
CVE-2024-8902 Elementor Addon Elements <= 1.13.8 - Authenticated (Contributor+) Sensitive Information Exposure via table_saved_sections — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-200 4.3 Medium2024-10-12
CVE-2024-7122 Elementor Addon Elements <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-08-30
CVE-2024-4401 Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id and eae_slider_animation Parameters — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-08-30
CVE-2024-4570 Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-06-27
CVE-2024-4569 Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-06-27
CVE-2024-2092 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 5.4 Medium2024-06-12
CVE-2024-3743 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-05-02
CVE-2024-2792 Elementor Addon Elements <= 1.13.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'Text Separator' and 'Image Compare' Widget — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-04-09
CVE-2024-2091 Elementor Addon Elements <= 1.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 5.4 Medium2024-03-28
CVE-2024-1393 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Switcher Widget — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-03-13
CVE-2024-1391 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Thumbnail Slider Widget — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-03-13
CVE-2024-1422 Elementor Addon Elements <= 1.12.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Modal Popup effet — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-03-13
CVE-2024-1392 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Dual Button Widget — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 6.4 Medium2024-03-13
CVE-2024-1358 Elementor Addon Elements <= 1.12.12 - Directory Traversal to Local File Inclusion — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-22 8.8 High2024-03-13
CVE-2023-5381 Elementor Addon Elements <= 1.12.7 - Authenticated (Administrator+) Stored Cross-Site Scripting — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-79 4.4 Medium2023-11-15
CVE-2023-4690 Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-352 5.4 Medium2023-11-15
CVE-2023-4689 Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-352 5.4 Medium2023-11-15
CVE-2023-4723 Elementor Addon Elements <= 1.12.7 - Missing Authorization to Sensitive Information Exposure — Addon Elements for Elementor (formerly Elementor Addon Elements)CWE-862 5.3 Medium2023-11-15

This page lists every published CVE security advisory associated with WPvibes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.