WordPress Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits plugin <= 2.0.7.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.1
Fixed in Version 2.0.7.3

Timeline

Publicly Published
2026-05-01
Created
2026-04-30

WordPress Master Addons for Elementor plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
5.9
Fixed in Version 2.1.4

Timeline

Publicly Published
2026-03-16
Created
2026-03-13

WordPress Master Addons For Elementor plugin <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'ma_el_bh_table_btn_text' vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.1.2

Timeline

Publicly Published
2026-02-19
Created
2026-02-19

WordPress Master Addons plugin <= 2.0.6.1 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Navigation Menu Widget vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
7.2
Fixed in Version 2.0.6.2

Timeline

Publicly Published
2026-02-11
Created
2026-02-02

WordPress Master Addons for Elementor plugin <= 2.0.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via fancyBox vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.9.1

Timeline

Publicly Published
2025-08-11
Created
2025-08-11

WordPress Master Addons for Elementor plugin <= 2.0.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.8.3

Timeline

Publicly Published
2025-07-16
Created
2025-07-16

WordPress Master Addons plugin <= 2.0.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.7.3

Timeline

Publicly Published
2025-03-04
Created
2025-03-04

WordPress Master Addons plugin <= 2.0.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.7.2

Timeline

Publicly Published
2025-03-04
Created
2025-03-04

WordPress Master Addons for Elementor plugin <= 2.0.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tooltip Module vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.6.8

Timeline

Publicly Published
2025-01-06
Created
2025-01-06

WordPress Master Addons plugin <= 2.0.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-jltma-wrapper-link Element vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.6.5

Timeline

Publicly Published
2024-09-10
Created
2024-09-10

WordPress Master Addons for Elementor plugin <= 2.0.6.2 - Cross Site Scripting (XSS) vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
5.9
Fixed in Version 2.0.6.3

Timeline

Publicly Published
2024-07-11
Created
2024-07-11

WordPress Master Addons plugin <= 2.0.6.1 - Missing Authorization to MA Template Creation or Modification vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Broken Access Control
Score:
6.5
Fixed in Version 2.0.6.2

Timeline

Publicly Published
2024-06-07
Created
2024-06-07

WordPress Master Addons for Elementor plugin <= 2.0.6.0 - Cross Site Scripting (XSS) vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.6.1

Timeline

Publicly Published
2024-06-06
Created
2024-06-06

WordPress Master Addons for Elementor plugin <= 2.0.5.9 - Cross Site Scripting (XSS) vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.6.0

Timeline

Publicly Published
2024-06-06
Created
2024-06-06

WordPress Master Addons for Elementor plugin <= 2.0.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.6.1

Timeline

Publicly Published
2024-05-16
Created
2024-05-16

WordPress Master Addons for Elementor plugin <= 2.0.5.9 - Contributor+ Stored Cross-Site Scripting vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.6.0

Timeline

Publicly Published
2024-05-01
Created
2024-05-01

WordPress Master Addons for Elementor plugin <= 2.0.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pricing Table Widget vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.5.7

Timeline

Publicly Published
2024-03-26
Created
2024-03-26

Wordpress Master Addons for Elementor plugin <= 2.0.3 - Contributor+ Stored Cross-Site Scripting vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Cross Site Scripting (XSS)
Score:
6.5
Fixed in Version 2.0.4

Timeline

Publicly Published
2023-10-11
Created
2023-10-11

WordPress Master Elementor Addons plugin <= 2.0.5.3 - Broken Access Control vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:
Broken Access Control
Score:
6.5
Fixed in Version 2.0.5.4.1

Timeline

Publicly Published
2023-08-22
Created
2023-08-22