Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

livemesh — Vulnerabilities & Security Advisories 30

Browse all 30 CVE security advisories affecting livemesh. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Livemesh operates as a cloud-based document management and collaboration platform, primarily serving enterprises with solutions for secure file sharing, version control, and remote access. Despite its utility in streamlining workflows, the software has accumulated thirty recorded Common Vulnerabilities and Exposures (CVEs), indicating persistent security gaps. Historical analysis reveals a pattern of critical flaws, including Remote Code Execution (RCE) and Cross-Site Scripting (XSS), which have frequently allowed attackers to bypass authentication or inject malicious scripts. Additionally, privilege escalation vulnerabilities have enabled unauthorized users to gain administrative control over sensitive data stores. These technical deficiencies suggest inadequate input validation and insufficient access controls within the application architecture. While no single catastrophic public breach has been widely documented, the high volume of disclosed CVEs highlights significant risks for organizations relying on the platform for confidential business operations, necessitating rigorous patch management and continuous security monitoring to mitigate potential exploitation.

Top products by livemesh: Livemesh Addons by Elementor Livemesh Addons for Elementor Livemesh Addons for WPBakery Page Builder Livemesh Addons for Beaver Builder WPBakery Page Builder Addons by Livemesh Elementor Addons by Livemesh Livemesh SiteOrigin Widgets
CVE IDTitleCVSSSeverityPublished
CVE-2026-1572 Livemesh Addons by Elementor <= 9.0 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via Plugin Settings — Livemesh Addons by ElementorCWE-79 6.4 Medium2026-04-16
CVE-2026-1620 Livemesh Addons by Elementor <= 9.0 - Authenticated (Contributor+) Local File Inclusion via Widget Template Parameter — Livemesh Addons by ElementorCWE-98 8.8 High2026-04-16
CVE-2026-39636 WordPress Livemesh Addons for Elementor plugin <= 9.0 - Cross Site Scripting (XSS) vulnerability — Livemesh Addons for ElementorCWE-79 6.5 Medium2026-04-08
CVE-2026-2029 Livemesh Addons for Beaver Builder <= 3.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' and 'value' Shortcode Attributes — Livemesh Addons for Beaver BuilderCWE-79 6.4 Medium2026-02-26
CVE-2026-24594 WordPress Livemesh Addons for WPBakery Page Builder plugin <= 3.9.4 - Cross Site Scripting (XSS) vulnerability — Livemesh Addons for WPBakery Page BuilderCWE-79 5.9 Medium2026-01-23
CVE-2025-62990 WordPress Livemesh Addons for Beaver Builder plugin <= 3.9.2 - Cross Site Scripting (XSS) vulnerability — Livemesh Addons for Beaver BuilderCWE-79 6.5 Medium2025-12-31
CVE-2025-8780 Livemesh SiteOrigin Widgets <= 3.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Hero Header and Pricing Table Widgets — Livemesh SiteOrigin WidgetsCWE-79 6.4 Medium2025-12-13
CVE-2024-8858 Elementor Addons by Livemesh <= 8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via piechart_settings Parameter — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-09-25
CVE-2024-47303 WordPress Elementor Addons by Livemesh plugin <= 8.5 - Cross Site Scripting (XSS) vulnerability — Livemesh Addons for ElementorCWE-79 6.5 Medium2024-09-25
CVE-2024-43320 WordPress WPBakery Page Builder Addons plugin <= 3.9 - Cross Site Scripting (XSS) vulnerability — Livemesh Addons for WPBakery Page BuilderCWE-79 6.5 Medium2024-08-18
CVE-2024-38784 WordPress Livemesh Addons for Beaver Builder plugin <= 3.6.1 - Cross Site Scripting (XSS) vulnerability — Livemesh Addons for Beaver BuilderCWE-79 5.9 Medium2024-07-21
CVE-2024-37547 WordPress Elementor Addons by Livemesh plugin <= 8.4.0 - Local File Inclusion vulnerability — Livemesh Addons for ElementorCWE-22 6.5 Medium2024-07-06
CVE-2024-3639 Elementor Addons by Livemesh <= 8.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Posts Grid — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-07-04
CVE-2024-2926 Elementor Addons by Livemesh <= 8.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Various Widgets — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-07-04
CVE-2024-2385 Elementor Addons by Livemesh <= 8.4 - Authenticated (Contributor+) Limited Local File Inclusion via Widgets — Livemesh Addons by ElementorCWE-22 8.8 High2024-07-04
CVE-2024-3638 Elementor Addons by Livemesh <= 8.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Marquee Text Widget, Testimonials Widget, and Testimonial Slider Widgets — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-07-04
CVE-2024-2655 Elementor Addons by Livemesh <= 8.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Display Name — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-04-10
CVE-2024-2539 Elementor Addons by Livemesh <= 8.3.6 - Authenticated(Contributor+) Stored Cross-Site Scripting via widget _id attribute — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-04-10
CVE-2024-1458 Elementor Addons by Livemesh <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text Widget — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-04-09
CVE-2024-1461 Elementor Addons by Livemesh <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-04-09
CVE-2024-1465 Elementor Addons by Livemesh <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Posts Carousel Widget — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-04-09
CVE-2024-1464 Elementor Addons by Livemesh <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Posts Slider Widget — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-04-09
CVE-2024-1466 Elementor Addons by Livemesh <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Posts Multislider Widget — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-04-09
CVE-2024-30183 WordPress WPBakery Page Builder Addons by Livemesh plugin <= 3.7 - Cross Site Scripting (XSS) vulnerability — Livemesh Addons for WPBakery Page BuilderCWE-79 6.5 Medium2024-03-27
CVE-2024-25598 WordPress Elementor Addons by Livemesh plugin <= 8.3 - Cross Site Scripting (XSS) vulnerability — Livemesh Addons for ElementorCWE-79 6.5 Medium2024-03-15
CVE-2024-27986 WordPress Livemesh Addons for Elementor Plugin <= 8.3.5 is vulnerable to Cross Site Scripting (XSS) — Elementor Addons by LivemeshCWE-79 6.5 Medium2024-03-14
CVE-2024-2079 WPBakery Page Builder Addons by Livemesh <= 3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — WPBakery Page Builder Addons by LivemeshCWE-79 6.4 Medium2024-03-13
CVE-2024-1235 Elementor Addons by Livemesh <= 8.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-02-20
CVE-2024-0448 Elementor Addons by Livemesh <= 8.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Livemesh Addons by ElementorCWE-79 6.4 Medium2024-02-05
CVE-2023-50370 WordPress Livemesh Addons for WPBakery Page Builder Plugin <= 3.5 is vulnerable to Cross Site Scripting (XSS) — WPBakery Page Builder Addons by LivemeshCWE-79 6.5 Medium2023-12-14

This page lists every published CVE security advisory associated with livemesh. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.