CVE-2024-13808 – Xpro Elementor Addons – Pro WordPress Remote Code Execution Vulnerability

April 26, 2025

CVE ID : CVE-2024-13808

Published : April 26, 2025, 5:15 a.m. | 2 hours, 14 minutes ago

Description : The Xpro Elementor Addons – Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the custom PHP widget. This is due to their only being client side controls when determining who can access the widget. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-1458 – Elementor Element Pack Addons Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-2801 – WordPress Create Custom Forms Plugin Arbitrary Shortcode Execution Vulnerability

Highlights

CVE-2025-4765 – PHPGurukul Zoo Management System SQL Injection Vulnerability

May 16, 2025

CVE ID : CVE-2025-4765

Published : May 16, 2025, 9:15 a.m. | 3 hours, 7 minutes ago

Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been classified as critical. Affected is an unknown function of the file /admin/contactus.php. The manipulation of the argument mobnum leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Stop writing tests: Automate fully with Generative AI

Opsera’s Codeglide.ai lets developers easily turn legacy APIs into MCP servers

Black Duck Security GitHub App, NuGet MCP Server preview, and more – Daily News Digest

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

This new Coros watch has 3 weeks of battery life and tracks way more – even fly fishing

5 ways automation can speed up your daily workflow – and implementation is easy

This new C-suite role is more important than ever in the AI era – here’s why

iPhone users may finally be able to send encrypted texts to Android friends with iOS 26

Creating Dynamic Real-Time Features with Laravel Broadcasting

Creating Dynamic Real-Time Features with Laravel Broadcasting

Understanding Tailwind CSS Safelist: Keep Your Dynamic Classes Safe!

Sitecore’s Content SDK: Everything You Need to Know

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Microsoft admits it broke “Reset this PC” in Windows 11 23H2 KB5063875, Windows 10 KB5063709

Windows 11 can now screen record specific app windows using Win + Shift + R (Snipping Tool)

CVE-2024-13808 – Xpro Elementor Addons – Pro WordPress Remote Code Execution Vulnerability

Investors beware: AI-powered financial scams swamp social media

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

CVE-2025-5176 – Realce Tecnologia Queue Ticket Kiosk SQL Injection Vulnerability

Pinta 3.0 Released With New Effects and GTK4 Port

How to Build a Custom MCP Server with TypeScript – A Handbook for Developers

A Coding Implementation of Accelerating Active Learning Annotation with Adala and Google Gemini

CVE-2025-4765 – PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE-2025-52793 – Esselink.nu CSRF and XSS

You can finally move Chrome’s address bar on Android – here’s how

Data Center Setup Cost for Startups in India | Affordable Implementation Services

CVE-2024-13808 – Xpro Elementor Addons – Pro WordPress Remote Code Execution Vulnerability

Related Posts