CVE-2024-10325

Published November 8th, 2024

View on NVD ↗

CVSS v3

6.4

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.6.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

Ultimate Addons for Elementor

Ultimate Addons for Elementor (UAE) is a lightweight yet powerful Elementor addons plugin that extends Elementors capabilities with purposely built advanced Elementor widgets, templates, and site-building features. UAE has evolved into a trusted Elementor Addons used by over 2 million websites to design creative sections directly within Elementor—no coding required. The free version of UAE includes a hand-picked set of essential widgets like Basic Posts, Info Card, Duplicator, Navigation Menu and more—widgets that are genuinely useful for most websites. It also enables you to design headers and footers visually, and includes time-saving tools like Post Duplicator, improving your design process without cluttering your interface. When you’re ready to go further, <a href="https://ultimateelementor.com/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">UAE Pro</a> unlocks a library of 50+ premium widgets, 200+ pre-designed section blocks, and advanced features like <a href="https://ultimateelementor.com/widgets/cross-site-copy-paste/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Cross-Site Copy-Paste</a>, <a href="https://ultimateelementor.com/widgets/display-conditions/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Advanced Display Conditions</a>, Form Stylers for popular form plugins, and visual effects like <a href="https://ultimateelementor.com/widgets/particle-backgrounds/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Particle Backgrounds</a>. These features are built to save time and offer more design freedom—not just to impress, but to genuinely improve how you build and manage websites. Whether you’re just getting started with WordPress or managing multiple client sites, UAE – Elementor Addons gives you the control, performance, and reliability to design beautiful, high-converting websites efficiently. <a href="https://app.zipwp.com/blueprint/ultimate-addons-for-elementor-demo-fas" rel="nofollow ugc">Try the live demo of Ultimate Addons for Elementor</a> <iframe loading="lazy" class="youtube-player" width="750" height="422" src="https://www.youtube.com/embed/6xH5n6YYNJE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent" allowfullscreen="true" style="border:0;" sandbox="allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox"></iframe> <h3>Why Choose UAE Elementor Addon</h3> Ultimate Addons for Elementor equips you with tools that make page design faster, cleaner, and more creative. Whether you’re just starting your web design journey or building complex websites for clients, UAE can help. <h3>Why Over 2 Million Websites Use Ultimate Addons for Elementor:</h3> <ul> <li> Create Engaging Designs: Build visually stunning sections with widgets that go beyond basic blocks. From Before/After sliders to particle backgrounds, everything is built to captivate, engage, and convert. </li> <li> Copy Elementor Designs From One Domain to Another: Use the Cross-Site Copy Paste feature to move sections and widgets between pages/sites, which streamlines the workflow and saves time. </li> <li> Keep Your Website Light by Loading Only What Is Needed: UAE loads code only for the widgets you use, which helps maintain site performance and supports SEO best practices. </li> <li> Build Faster With 200+ Readymade Section Blocks: Design faster with a massive library of pre-designed content sections. Just insert, customize, and publish. Ideal for agencies and freelancers seeking efficiency. </li> <li> 50+ Premium Widgets That Truly Matter: UAE Pro includes over 50+ carefully crafted widgets. High-impact tools designed to solve real design challenges and boost functionality where it counts. </li> <li> Works Seamlessly With Any WordPress Theme: No theme lock-in or compatibility issues. UAE integrates smoothly with all compliant WordPress themes, including Astra. </li> <li> Designed for Beginners, Loved by Pros: Whether you’re a DIY site builder or a seasoned designer, UAE strikes the balance between ease of use and advanced functionality. </li> <li> Extend Elementor Without Plugin Overload: UAE packs multiple high-utility widgets into one lightweight plugin. Avoid installing multiple third-party plugins that slow down your site or create conflicts. </li> </ul> <h3>Free Widgets in Ultimate Addons for Elementor</h3> <ul> <li> <a href="https://ultimateelementor.com/widgets/basic-posts/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Basic Post</a> – Display a list of your latest blog posts with layout options and styling controls. </li> <li> <a href="https://ultimateelementor.com/widgets/woo-product-grid/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Woo Product Grid</a> – Showcase WooCommerce products in a responsive, customizable grid layout. </li> <li> <a href="https://ultimateelementor.com/widgets/counter/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Counter</a> – Add animated number counters to highlight stats, achievements, or milestones. </li> <li> <a href="https://ultimateelementor.com/widgets/navigation/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Navigation Menu</a> – With this powerful Elementor nav menu addon (widget), you can build responsive menus that match your style. </li> <li> <a href="https://ultimateelementor.com/widgets/site-logo/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Site Logo</a> & <a href="https://ultimateelementor.com/widgets/retina-logo/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Retina Logo</a> – Showcase crisp branding across all devices. </li> <li> <a href="https://ultimateelementor.com/widgets/site-title/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Site Title</a> & <a href="https://ultimateelementor.com/widgets/site-tagline/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Tagline</a> – Display key identity elements clearly and elegantly. </li> <li> <a href="https://ultimateelementor.com/widgets/search/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Search</a> – Add fast, user-friendly search to your header or footer. </li> <li> <a href="https://ultimateelementor.com/widgets/cart/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Cart</a> – Integrate a shopping cart preview for WooCommerce stores. </li> <li> <a href="https://ultimateelementor.com/widgets/page-title/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Page Title</a> – Automatically show relevant page titles for better UX and SEO. </li> <li> <a href="https://ultimateelementor.com/widgets/breadcrumbs/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Breadcrumbs</a> – Improve site navigation and search engine visibility. </li> <li> <a href="https://ultimateelementor.com/widgets/post-info/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Post Info</a> – Display author, date, categories, and more for content clarity. </li> <li> <a href="https://ultimateelementor.com/widgets/scroll-to-top/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Scroll to Top</a> – Give users a seamless way to navigate with this handy scroll addon for Elementor. </li> <li> <a href="https://ultimateelementor.com/widgets/reading-progress-bar/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Reading Progress Bar</a> – Visually indicate article progress for better engagement. </li> <li> <a href="https://ultimateelementor.com/widgets/info-card/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Info Card</a> – Combine icons, headings, text, and CTAs in one flexible block. </li> <li> <a href="https://ultimateelementor.com/widgets/copyright/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Copyright</a> – Easily add site-wide copyright or legal text in the footer. </li> <li> <a href="https://ultimateelementor.com/widgets/duplicator/?utm_source=wprepo&utm_medium=uaelite&utm_campaign=wp-repo-uaelite" rel="nofollow ugc">Post Duplicator</a> – Instantly duplicate posts, pages, headers, footers, and custom blocks to speed up content creation and safely experiment with layouts. </li> </ul> Note: You can refer to our <a href="https://ultimateelementor.com/docs/getting-started-with-ultimate-addons-for-elementor-lite/" rel="nofollow ugc">step-by-step guide</a> that will help you set headers and footers quickly. <h3>How these Elementor widgets help:</h3> <ul> <li>Design full headers and footers visually, no need for theme settings or extra plugins</li> <li>Create consistent layouts that look great on every device</li> <li>Boost productivity using essential, ready-to-use widgets and a powerful Post Duplicator to instantly clone posts or pages and jump-start new content.</li> <li>Improve user experience, accessibility, and on-page SEO</li> <li>Seamlessly works with any WordPress theme for complete design freedom</li> </ul> The free widgets in UAE give you a solid starting point to build fast, functional, and visually appealing websites, whether you’re designing a landing page, a portfolio, or a complete site layout. 🚀 <a href="https://ultimateelementor.com/pricing/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Upgrade to Ultimate Addons for Elementor Pro</a> and unlock limitless possibilities! <h3>Content and Interaction Widgets</h3> Create compelling, high-converting layouts with powerful content widgets designed for Elementor. UAE widgets help you deliver clear, engaging content experiences that are both informative and interactive. Great for business sites, blogs, service pages, and portfolios. <ul> <li> <a href="https://ultimateelementor.com/widgets/svg-animator/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">SVG Animator</a> – Animate SVG illustrations with ease using this widget. Great for adding visual interest and motion to your designs. </li> <li> <a href="https://ultimateelementor.com/widgets/advanced-heading/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Advanced Heading</a> – Design eye-catching headlines with layered styles and dynamic effects. </li> <li> <a href="https://ultimateelementor.com/widgets/business-hours/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Business Hours</a> – Display store or office hours clearly with styled layouts. </li> <li> <a href="https://ultimateelementor.com/widgets/content-toggle/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Content Toggle (Popular)</a> – Switch between content blocks for comparisons, FAQs, or pricing plans. </li> <li> <a href="https://ultimateelementor.com/widgets/google-map/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Google Map</a> – Add responsive, customizable location maps to boost trust and visibility. </li> <li> <a href="https://ultimateelementor.com/widgets/image-gallery/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Image Gallery</a> – Showcase multiple images in a clean, organized grid or masonry layout. </li> <li> <a href="https://ultimateelementor.com/widgets/info-box/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Info Box</a> – Combine icons, titles, and descriptions with CTA buttons in one elegant widget. </li> <li> <a href="https://ultimateelementor.com/widgets/modal-popup/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Modal Popup (Popular)</a> – Easily trigger stylish popups for promotions, lead generation, or key messages. </li> <li> <a href="https://ultimateelementor.com/widgets/posts/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Posts</a> – Showcase your latest blog posts or any custom post types with this visually appealing post grid addon for Elementor. </li> <li> <a href="https://ultimateelementor.com/widgets/price-list/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Price List</a> – Highlight products or services with pricing and description in a clean layout. </li> <li> <a href="https://ultimateelementor.com/widgets/table/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Table</a> – Create sortable, responsive tables to organize data or feature comparisons. </li> <li> <a href="https://ultimateelementor.com/widgets/video/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Video (Popular)</a> – Embed YouTube, Vimeo, or self-hosted videos with custom styling options. </li> <li> <a href="https://ultimateelementor.com/widgets/video-gallery/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Video Gallery</a> – Show multiple videos in a neatly organized, responsive gallery. </li> </ul> <h3>Creative Widgets</h3> Add flair, functionality, and interactivity to your Elementor designs. Ideal for portfolios, agencies, service-based businesses, and conversion-focused landing pages. <ul> <li> <a href="https://ultimateelementor.com/widgets/before-after-slider/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Before After Slider</a> – Visually compare two images using a draggable slider. </li> <li> <a href="https://ultimateelementor.com/widgets/countdown-timer/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Countdown Timer</a> – Create urgency for offers, events, or product launches. </li> <li> <a href="https://ultimateelementor.com/widgets/display-conditions/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Display Conditions</a> – Show or hide content dynamically based on user role, device, login status, and more. </li> <li> <a href="https://ultimateelementor.com/widgets/dual-color-heading/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Dual Color Heading</a> – Highlight key phrases in headings with stylish dual-tone designs. </li> <li> <a href="https://ultimateelementor.com/widgets/fancy-heading/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Fancy Heading</a> – Create animated, visually distinct headlines to capture attention. </li> <li> <a href="https://ultimateelementor.com/widgets/hotspots/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Hotspots (Popular)</a> – Add interactive tooltips to images to explain features or details. </li> <li> <a href="https://ultimateelementor.com/widgets/login-form/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Login Form</a> – Embed a beautifully styled, branded login form right into any page. </li> <li> <a href="https://ultimateelementor.com/widgets/marketing-button/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Marketing Button</a> – Add call to action buttons with built-in icons, hover effects, and dual text. </li> <li> <a href="https://ultimateelementor.com/widgets/multi-buttons/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Multi Buttons</a> – Display multiple action buttons side-by-side for better decision making. </li> <li> <a href="https://ultimateelementor.com/widgets/navigation-menu/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Navigation Menu</a> – Create fully customizable, responsive menus directly within Elementor. </li> <li> <a href="https://ultimateelementor.com/widgets/off-canvas/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Off-Canvas</a> – Create off-screen panels for menus, filters, or extra content that slides into view. </li> <li> <a href="https://ultimateelementor.com/widgets/price-box/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Price Box</a> – Showcase pricing plans with styled headings, features, and call to action buttons. </li> <li> <a href="https://ultimateelementor.com/widgets/retina-image/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Retina Image</a> – Ensure images display perfectly on high-resolution (Retina) screens. </li> <li> <a href="https://ultimateelementor.com/widgets/team-member/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Team Member</a> – Introduce your team with photos, bios, social links and layout options. </li> <li> <a href="https://ultimateelementor.com/widgets/timeline/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Timeline (Popular)</a> – Display milestones, history, or process steps in vertical or horizontal timelines. </li> <li> <a href="https://ultimateelementor.com/widgets/user-registration-form/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">User Registration Form</a> – Let visitors register with a styled, user-friendly form. </li> </ul> <h3>Form Styler Widgets</h3> Match forms to your site design and improve conversions without writing CSS. These widgets let you customize popular WordPress forms with full control over layout, colors, typography, and spacing. <ul> <li> <a href="https://ultimateelementor.com/widgets/contact-form-7/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Contact Form 7 Styler</a> – Easily style CF7 forms to match your brand. </li> <li> <a href="https://ultimateelementor.com/widgets/gravity-form-styler/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Gravity Form Styler (Popular)</a> – Enhance Gravity Forms visually with complete styling control. </li> <li> <a href="https://ultimateelementor.com/widgets/wp-fluent-forms-styler/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">WP Fluent Forms Styler</a> – Customize Fluent Forms to blend seamlessly into your pages. </li> <li> <a href="https://ultimateelementor.com/widgets/wpforms-styler/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">WPForms Styler</a> – Transform WPForms into beautiful, responsive forms without touching a line of code. </li> </ul> <h3>SEO Widgets</h3> Boost search visibility, enhance content structure and build trust from the Elementor editor. <ul> <li> <a href="https://ultimateelementor.com/widgets/business-reviews/?utm_source=wprepo&utm_medium=uaelite" rel="nofollow ugc">Busi

WordPress Plugin Directory

66.1M