Premium Addons for Elementor
Leap13
Developer
4.11.71
Latest version
700,000
Installations
No date
Last updated
Vulnerability history
0 present
36 patched
2 Mitigation rules
- Authenticated (Contributor+) Stored Cross-Site Scripting via 'arrow_style' vulnerability<= 4.10.2802/02/2026
- Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Global Tooltip vulnerability<= 4.10.3102/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget vulnerability<= 4.10.3102/02/2026
- Settings Change vulnerability<= 4.11.6317/01/2026
- Missing Authorization to Unauthenticated Sensitive Information Exposure via 'get_template_content' vulnerability<= 4.11.5331/12/2025
- Cross-Site Request Forgery via 'insert_inner_template' vulnerability<= 4.11.5322/12/2025
- Sensitive Data Exposure vulnerability<= 4.11.5304/12/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 4.10.6903/07/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability<= 4.11.811/06/2025
- Broken Access Control vulnerability<= 4.10.5619/12/2024
- Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Video Box Widget vulnerability<= 4.10.6029/10/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Media Grid Widget vulnerability<= 4.10.5227/09/2024
- Missing Authorization to Authenticated (Contributor+) Arbitrary Content Deletion and Arbitrary Title Update vulnerability<= 4.10.3808/08/2024
- Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget vulnerability<= 4.10.3612/07/2024
- Cross Site Scripting (XSS) vulnerability<= 4.10.3409/07/2024
- Regular Expressions Denial of Service vulnerability<= 4.10.3504/07/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability<= 4.10.3503/07/2024
- Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability<= 4.10.3311/06/2024
- Missing Authorization to Information Disclosure vulnerability<= 4.10.3131/05/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 4.10.3123/05/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 4.10.3030/04/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 4.10.2824/04/2024
- Cross Site Scripting (XSS) vulnerability<= 4.10.2522/04/2024
- Authenticated Stored Cross-Site Scripting vulnerability<= 4.10.2711/04/2024
- Authenticated Stored Cross-Site Scripting vulnerability<= 4.10.2411/04/2024
- Authenticated DOM-Based Stored Cross-Site Scripting vulnerability<= 4.10.2411/04/2024
- Authenticated Stored Cross-Site Scripting vulnerability<= 4.10.1611/04/2024
- Sensitive Data Exposure vulnerability<= 4.10.2205/04/2024
- Cross Site Scripting (XSS) vulnerability<= 4.10.1615/03/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 4.10.2314/03/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Banner, Team Members, and Image Scroll Widgets vulnerability<= 4.10.2129/02/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 4.10.1822/02/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via onClick Events vulnerability<= 4.10.1815/02/2024
- Cross Site Scripting (XSS) vulnerability<= 4.10.1602/02/2024
- Arbitrary Blog Option Update vulnerability<= 4.5.130/08/2021
- Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities<= 4.2.713/04/2021