Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

roxnor — Vulnerabilities & Security Advisories 76

Browse all 76 CVE security advisories affecting roxnor. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Roxnor operates as a specialized provider of network security solutions, primarily focusing on intrusion detection and prevention systems designed to monitor and secure enterprise network traffic. Historical security audits have identified a significant volume of vulnerabilities within its software infrastructure, with 76 Common Vulnerabilities and Exposures currently on record. These flaws predominantly involve remote code execution and cross-site scripting, allowing attackers to potentially bypass authentication mechanisms or execute arbitrary commands on affected devices. Privilege escalation vulnerabilities have also been documented, enabling lower-privileged users to gain administrative control. While specific major public incidents remain largely contained within technical disclosure reports, the high count of disclosed CVEs indicates persistent challenges in the product’s secure development lifecycle. Organizations utilizing Roxnor appliances are advised to apply vendor patches promptly to mitigate risks associated with these known exploitation vectors and ensure continuous network integrity.

Top products by roxnor: MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers Wp Social Login and Register Social Counter EmailKit – Email Customizer for WooCommerce & WP Metform Wp Ultimate Review ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools ElementsKit Elementor addons Lite FundEngine PopupKit FundEngine – Donation and Crowdfunding Platform EmailKit GetGenie
CVE IDTitleCVSSSeverityPublished
CVE-2025-47459 WordPress WP Fundraising Donation and Crowdfunding Platform plugin <= 1.7.3 - Cross Site Request Forgery (CSRF) Vulnerability — FundEngineCWE-352 4.3 Medium2025-05-07
CVE-2024-11180 ElementsKit Elementor addons <= 3.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2025-03-29
CVE-2025-30914 WordPress Metform Elementor Contact Form Builder plugin <= 3.9.7 - Server Side Request Forgery (SSRF) vulnerability — MetformCWE-918 4.4 Medium2025-03-27
CVE-2025-1506 Wp Social Login and Register Social Counter <= 3.1.0 - Cross-Site Request Forgery to Settings Update — Wp Social Login and Register Social CounterCWE-352 4.3 Medium2025-02-28
CVE-2025-0968 ElementsKit Elementor addons <= 3.4.0 - Unauthenticated Information Exposure via get_megamenu_content Function — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-284 5.3 Medium2025-02-19
CVE-2025-1005 ElementsKit Elementor addons <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2025-02-15
CVE-2023-50903 WordPress Metform Elementor Contact Form Builder plugin <= 3.4.0 - Broken Access Control vulnerability — MetformCWE-862 5.3 Medium2024-12-09
CVE-2024-37255 WordPress ElementsKit Lite plugin <= 3.1.4 - Unauthenticated Broken Access Control vulnerability — ElementsKit Elementor addons LiteCWE-862 5.3 Medium2024-11-01
CVE-2024-9501 Wp Social Login and Register Social Counter <= 3.0.7 - Authentication Bypass via WordPress.com OAuth provider — Wp Social Login and Register Social CounterCWE-288 9.8 Critical2024-10-26
CVE-2024-10091 ElementsKit Elementor addons <= 3.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-10-26
CVE-2024-8546 ElementsKit Elementor addons <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-09-25
CVE-2023-0714 Metform Elementor Contact Form Builder <= 3.2.4 - Unauthenticated Double-Extension Arbitrary File Upload — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-434 8.1 High2024-08-17
CVE-2024-6698 FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation — FundEngine – Donation and Crowdfunding PlatformCWE-862 8.8 High2024-08-01
CVE-2024-6455 ElementsKit Elementor addons <= 3.2.0 - Unauthenticated Information Exposure via ekit_widgetarea_content Function — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-200 5.3 Medium2024-07-18
CVE-2024-4266 MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 3.8.8 - Unauthenticated Sensitive Information Exposure — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-200 5.3 Medium2024-06-11
CVE-2024-21746 WordPress Wp Ultimate Review plugin <= 2.3.6 - IP limit Bypass vulnerability — Wp Ultimate ReviewCWE-290 5.3 Medium2024-05-17
CVE-2024-33570 WordPress MetForm plugin <= 3.8.3 - Broken Access Control vulnerability — MetformCWE-862 4.3 Medium2024-05-06
CVE-2024-3499 ElementsKit Elementor addons <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Onepage Scroll Module — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-98 8.8 High2024-05-02
CVE-2024-32505 WordPress ElementsKit Elementor addons plugin <= 3.0.6 - Cross Site Scripting (XSS) vulnerability — ElementsKit Elementor addons LiteCWE-79 6.5 Medium2024-04-17
CVE-2024-2803 ElementsKit Elementor addons <= 3.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-04-04
CVE-2024-2791 Metform Elementor Contact Form Builder <= 3.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widgets — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-79 6.4 Medium2024-04-02
CVE-2024-1238 ElementsKit Elementor addons <= 3.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-03-30
CVE-2024-2047 ElementsKit Elementor addons <= 3.0.6 - Authenticated (Contributor+) Local File Inclusion in render_raw — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-98 8.8 High2024-03-30
CVE-2024-2042 ElementsKit Elementor addons <= 3.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-03-16
CVE-2023-6525 ElementsKit Elementor addons <= 3.0.3 - Authenticated(Editor+) Stored Cross-Site Scripting — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 5.5 Medium2024-03-16
CVE-2024-1239 ElementsKit Elementor addons <= 3.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-79 6.4 Medium2024-03-16
CVE-2024-1763 Wp Social Login and Register Social Counter <= 3.0.0 - Missing Authorization to Unauthenticated Social Login/Share Status Update — Wp Social Login and Register Social CounterCWE-862 6.5 Medium2024-03-13
CVE-2024-1585 Metform Elementor Contact Form Builder <= 3.8.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-79 6.4 Medium2024-03-13
CVE-2023-6582 ElementsKit Lite <= 3.0.3 - Unauthenticated Sensitive Information Exposure — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-284 5.3 Medium2024-01-11
CVE-2023-6788 Metform Elementor Contact Form Builder <= 3.8.1 - Cross-Site Request Forgery — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-352 5.4 Medium2024-01-09

This page lists every published CVE security advisory associated with roxnor. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.