Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ideaboxcreations — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting ideaboxcreations. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Ideaboxcreations develops collaborative project management and workflow automation tools used by teams to organize tasks and streamline processes. Historically, their products have been vulnerable to multiple remote code execution flaws, cross-site scripting vulnerabilities, and privilege escalation issues, accounting for their 12 recorded CVEs. The company has faced criticism for inconsistent patch management and delayed security updates, with several critical vulnerabilities remaining unaddressed for months. Their security posture has been characterized by insufficient input validation and inadequate access controls, leading to potential unauthorized system access and data exposure.

Top products by ideaboxcreations: PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) PowerPack Lite for Beaver Builder
CVE IDTitleCVSSSeverityPublished
CVE-2025-8388 PowerPack Lite for Elementor <= 2.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting Via 'cursor_url' — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-79 6.4 Medium2025-09-10
CVE-2025-1512 PowerPack Elementor Addons (Free Widgets, Extensions and Templates) <= 2.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-79 6.4 Medium2025-04-01
CVE-2024-12239 PowerPack Lite for Beaver Builder <= 1.3.0.5 - Reflected Cross-Site Scripting via Navigate Parameter — PowerPack Lite for Beaver BuilderCWE-79 6.1 Medium2024-12-17
CVE-2024-10692 PowerPack Elementor Addons (Free Widgets, Extensions and Templates) <= 2.8.1 - Authenticated (Contributor+) Post Disclosure — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-639 4.3 Medium2024-12-06
CVE-2024-5787 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Link Effects Widget — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-79 6.4 Medium2024-06-13
CVE-2024-5327 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.19 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-79 6.4 Medium2024-05-30
CVE-2024-2289 PowerPack Lite for Beaver Builder <= 1.3.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via element link — PowerPack Lite for Beaver BuilderCWE-79 6.4 Medium2024-04-09
CVE-2024-2492 PowerPack Addons for Elementor <= 2.7.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Tweet Widget — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-79 6.4 Medium2024-04-09
CVE-2024-2491 PowerPack Addons for Elementor <= 2.7.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via *_html_tag* — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-79 6.4 Medium2024-03-30
CVE-2024-1411 PowerPack Addons for Elementor <= 2.7.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Buttons Widget — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-79 6.4 Medium2024-02-20
CVE-2024-1055 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-79 5.4 Medium2024-02-07
CVE-2023-6984 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.13 - Cross-Site Request Forgery — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-352 5.3 Medium2024-01-03

This page lists every published CVE security advisory associated with ideaboxcreations. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.