Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

xpro — Vulnerabilities & Security Advisories 24

Browse all 24 CVE security advisories affecting xpro. AI-powered Chinese analysis, POCs, and references for each vulnerability.

xpro operates as a specialized software solution, primarily utilized for enterprise workflow automation and data integration. Security audits reveal a concerning history of twenty-two recorded Common Vulnerabilities and Exposures, indicating persistent weaknesses in its development lifecycle. The most prevalent vulnerability classes include remote code execution and cross-site scripting, which allow attackers to compromise system integrity or steal sensitive user data. Additionally, instances of privilege escalation have been documented, enabling unauthorized users to gain administrative access. These flaws suggest inadequate input validation and insufficient access control mechanisms within the application architecture. While no single catastrophic incident has dominated public discourse, the cumulative effect of these vulnerabilities poses significant risk to organizations relying on the platform. Continuous patching and rigorous security testing are essential to mitigate these ongoing threats and ensure the stability of dependent business processes.

Found 12 results / 24Clear Filters
Top products by xpro: Xpro Addons — 140+ Widgets for Elementor Xpro Elementor Addons Xpro Theme Builder Xpro Addons For Beaver Builder – Lite
CVE IDTitleCVSSSeverityPublished
CVE-2025-15369 Xpro Addons — 140+ Widgets for Elementor <= 1.5.0 - Missing Authorization to Unauthenticated Xpro Template Creation — Xpro Addons — 140+ Widgets for ElementorCWE-862 5.3 Medium2026-05-20
CVE-2025-13368 Xpro Addons — 140+ Widgets for Elementor <= 1.4.20 - Authenticated (Contributor+) Stored Cross-Site Scripting — Xpro Addons — 140+ Widgets for ElementorCWE-79 6.4 Medium2026-04-04
CVE-2026-2949 Xpro Addons — 140+ Widgets for Elementor <= 1.4.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Box Widget — Xpro Addons — 140+ Widgets for ElementorCWE-79 6.4 Medium2026-04-04
CVE-2025-14149 Xpro Addons — 140+ Widgets for Elementor <= 1.4.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Scroller Widget box link — Xpro Addons — 140+ Widgets for ElementorCWE-79 6.4 Medium2026-02-27
CVE-2025-2108 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Site Title' widget — Xpro Addons — 140+ Widgets for ElementorCWE-79 6.4 Medium2025-03-20
CVE-2024-13649 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Xpro Addons — 140+ Widgets for ElementorCWE-79 6.4 Medium2025-03-08
CVE-2024-12584 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.6.2 - Authenticated (Contributor+) Post Disclosure via Post Duplication — Xpro Addons — 140+ Widgets for ElementorCWE-200 4.3 Medium2025-01-08
CVE-2024-10319 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.6 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template — Xpro Addons — 140+ Widgets for ElementorCWE-200 4.3 Medium2024-11-05
CVE-2024-7791 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Grid Widget — Xpro Addons — 140+ Widgets for ElementorCWE-79 6.4 Medium2024-08-27
CVE-2024-4471 140+ Widgets | Best Addons For Elementor – FREE <= 1.4.3.1 - Authenticated (Contributor+) PHP Object Injection — Xpro Addons — 140+ Widgets for ElementorCWE-502 8.0 High2024-05-23
CVE-2024-4440 140+ Widgets | Best Addons For Elementor – FREE <= 1.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Xpro Addons — 140+ Widgets for ElementorCWE-79 6.4 Medium2024-05-14
CVE-2024-2250 130+ Widgets | Best Addons For Elementor – FREE <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Xpro Addons — 140+ Widgets for ElementorCWE-79 6.4 Medium2024-03-29

This page lists every published CVE security advisory associated with xpro. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.