CVE-2024-7791

Published August 27th, 2024

View on NVD ↗

CVSS v3

6.4

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘arrow’ parameter within the Post Grid widget in all versions up to, and including, 1.4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Xpro Addons — 140+ Widgets for Elementor

<p>Power up your <a href="https://wordpress.org/plugins/elementor/" rel="ugc">Elementor</a> web design experience with our 50+ <a href="https://elementor.wpxpro.com/" rel="nofollow ugc">FREE Elementor widgets</a>. Use these creative elements with our <a href="https://elementor.wpxpro.com/features/" rel="nofollow ugc">FREE Elementor extensions</a> to stand out from the competition. Our <a href="https://elementor.wpxpro.com/" rel="nofollow ugc">Free Elementor Addons</a> Pack comes with 100s of Pre-built <a href="https://elementor.wpxpro.com/templates/" rel="nofollow ugc">Free Elementor Templates</a> and Blocks to help you get your site live in minutes.</p> <p>Our <a href="https://elementor.wpxpro.com/" rel="nofollow ugc">elementor widgets</a> are designed and coded with a focus on creativity and usability for WP users. This is the reason why we have truly revolutionized the way you design your websites. It’s superfast, simple, and advanced so you don’t require any coding skills.</p> <p><a href="https://elementor.wpxpro.com?utm_source=wp&utm_medium=readme&utm_campaign=xpro_elementor_addons" rel="nofollow ugc">Visit Plugin Site</a> | <a href="https://elementor.wpxpro.com/docs/" rel="nofollow ugc">Documentation</a></p> <h3>50+ <a href="https://elementor.wpxpro.com/" rel="nofollow ugc">FREE ELEMENTOR WIDGETS</a> TO CREATE AMAZING WEBSITES</h3> <p>Xpro Addons For Elementor extends the features and overall functionality of Elementor Page Builder. Our 50+ FREE widgets let you create modern and highly creative websites for your brand, business, or online store with minimal effort.</p> <p>Check out our <a href="https://elementor.wpxpro.com/templates/" rel="nofollow ugc">Free Elementor Templates</a></p> <h3>GIVING YOU THE FREEDOM TO DESIGN <br /> YOUR WEBSITE THE WAY YOU WANT WITH OUR FREE <br /> ELEMENTOR ADDONS</h3> <p><strong>50+ Free Elementor Widgets:</strong></p> <p>Xpro Addons For Elementor are developed by experienced developers. Our motto has always been to provide complete creative freedom to our users. That’s the reason we offer <a href="https://wordpress.org/plugins/xpro-elementor-addons/" rel="ugc">FREE Elementor Addons</a>. Each Xpro addon comes with incredible design aesthetics and creativity to help you create amazing Elementor websites in no time.</p> <ol> <li><a href="https://elementor.wpxpro.com/widgets/simple-gallery/" rel="nofollow ugc">Gallery</a> – Showcase your images in interactive layouts</li> <li><a href="https://elementor.wpxpro.com/widgets/simple-portfolio/" rel="nofollow ugc">Portfolio</a> – Present your portfolio in beautiful layouts & popups styles</li> <li><a href="https://elementor.wpxpro.com/widgets/heading/" rel="nofollow ugc">Heading</a> – Highlight your headings with dual colors & gradient style</li> <li><a href="https://elementor.wpxpro.com/widgets/icon-box/" rel="nofollow ugc">Icon Box</a> – Add beautiful icon boxes on websites, choose from pre-defined styles</li> <li><a href="https://elementor.wpxpro.com/widgets/pricing-table/" rel="nofollow ugc">Pricing</a> – Create attractive pricing tables that convert fast</li> <li><a href="https://elementor.wpxpro.com/widgets/info-list/" rel="nofollow ugc">Info List</a> – Add features & more using custom icons and styles</li> <li><a href="https://elementor.wpxpro.com/widgets/lottie/" rel="nofollow ugc">Lottie</a> – Elementor Lottie animations integration, bedazzle your websites</li> <li><a href="https://elementor.wpxpro.com/widgets/progress-bar/" rel="nofollow ugc">Progress Bar</a> – Showcase the progress on projects or journeys by choosing from 15+ styles</li> <li><a href="https://elementor.wpxpro.com/widgets/pie-chart/" rel="nofollow ugc">Pie Chart</a> – Circle progress with Elementor Page Builder</li> <li><a href="https://elementor.wpxpro.com/widgets/counter/" rel="nofollow ugc">Counter</a> – Show your numbers game & figures with attractive counters</li> <li><a href="https://elementor.wpxpro.com/widgets/button/" rel="nofollow ugc">Button</a> – Quickly add modern buttons & CTAs with hover effects</li> <li><a href="https://elementor.wpxpro.com/widgets/team-grid/" rel="nofollow ugc">Team Grid</a> – Feature your team members in beautiful grids</li> <li><a href="https://elementor.wpxpro.com/widgets/before-after/" rel="nofollow ugc">Before After</a> – Showcase the before and after story of images to users</li> <li><a href="https://elementor.wpxpro.com/widgets/testimonial/" rel="nofollow ugc">Testimonials</a> – Showcase customer reviews & increase your service/product credibility</li> <li><a href="https://elementor.wpxpro.com/widgets/logo-grid/" rel="nofollow ugc">Logo Grid</a> – Highlight brands or product logos in amazing grid style</li> <li><a href="https://elementor.wpxpro.com/widgets/social-icon/" rel="nofollow ugc">Social Icons</a> – Link your social profiles & encourage visitors to follow you</li> <li><a href="https://elementor.wpxpro.com/widgets/social-share/" rel="nofollow ugc">Social Share</a> – Add sharable social platform links to let users share your work/product</li> <li><a href="https://elementor.wpxpro.com/widgets/news-ticker/" rel="nofollow ugc">News Ticker</a> – Use slider & ticker effects to display your content</li> <li><a href="https://elementor.wpxpro.com/widgets/step-flow/" rel="nofollow ugc">Step Flow</a> – Create beautiful flow diagrams & instructions for site visitors</li> <li><a href="https://elementor.wpxpro.com/widgets/author-box/" rel="nofollow ugc">Author Box</a> – Display author details by adding image & description</li> <li><a href="https://elementor.wpxpro.com/widgets/hotspot/" rel="nofollow ugc">HotSpot</a> – Add hotspot icons with tooltips in an image</li> <li><a href="https://elementor.wpxpro.com/widgets/image-scroll/" rel="nofollow ugc">Image Scroll</a> – Show long height images in an amazing way with image scroll</li> <li><a href="https://elementor.wpxpro.com/widgets/drop-cap/" rel="nofollow ugc">Drop Cap</a> – Apply a different style to the first letter of a paragraph</li> <li><a href="https://elementor.wpxpro.com/widgets/business-hours/" rel="nofollow ugc">Business Hours</a> – Display your business hours in a tabular form</li> <li><a href="https://elementor.wpxpro.com/widgets/promo-box/" rel="nofollow ugc">Promo Box</a> – Promote your new offers and sale items in a more lucrative way</li> <li><a href="https://elementor.wpxpro.com/widgets/blockquote/" rel="nofollow ugc">Block Quote</a> – The widget lets you embed fully styled quotes on posts</li> <li><a href="https://elementor.wpxpro.com/widgets/horizontal-timeline/" rel="nofollow ugc">Timeline Horizontal</a> – Showcase your story or company history in an elegant timeline</li> <li><a href="https://elementor.wpxpro.com/widgets/post-grid/" rel="nofollow ugc">Post Grid</a> – Showcase your blog posts in 10+ unique styles</li> <li><a href="https://elementor.wpxpro.com/widgets/table/" rel="nofollow ugc">Table</a> – Insert attractive data table anywhere you want</li> <li><a href="https://elementor.wpxpro.com/widgets/contact-form/" rel="nofollow ugc">Contact Form</a> – Create customized contact forms without third-party plugins</li> <li><a href="https://elementor.wpxpro.com/widgets/third-party-contact-forms/" rel="nofollow ugc">Wp Forms</a> – Design forms with Elementor & WP Forms</li> <li><a href="https://elementor.wpxpro.com/widgets/third-party-contact-forms/" rel="nofollow ugc">Contact Form 7</a> – Design forms with Elementor & cf7</li> <li><a href="https://elementor.wpxpro.com/widgets/third-party-contact-forms/" rel="nofollow ugc">Ninja Forms</a>Ninja Forms – Style your forms the way you like with Ninja Forms</li> <li><a href="https://elementor.wpxpro.com/widgets/third-party-contact-forms/" rel="nofollow ugc">Gravity Form</a> – Design forms with Elementor & Gravity Form</li> <li><a href="https://elementor.wpxpro.com/widgets/horizontal-menu/" rel="nofollow ugc">Horizontal Menu</a> – Use an advanced navigation menu anywhere to drive more clicks</li> <li><a href="https://elementor.wpxpro.com/widgets/scroll-to-top/" rel="nofollow ugc">Scroll Top Button</a> – Lets your visitors go back to the top of a page with a single click</li> <li><a href="https://elementor.wpxpro.com/widgets/taxonomies/" rel="nofollow ugc">Taxonomies</a> – Create posts list by sorting categories, tags, post formats</li> <li><a href="https://elementor.wpxpro.com/site-title/" rel="nofollow ugc">Site Title</a> – To show site title anywhere on the website</li> <li><a href="https://elementor.wpxpro.com/site-logo/" rel="nofollow ugc">Site Logo</a> – To display site logo anywhere on the website</li> <li><a href="https://elementor.wpxpro.com/post-title/" rel="nofollow ugc">Post Title</a> – To show current page & post title</li> <li><a href="https://elementor.wpxpro.com/featured-image/" rel="nofollow ugc">Featured Image</a> – To display current page & post featured image dynamically</li> <li><a href="https://elementor.wpxpro.com/post-content/" rel="nofollow ugc">Post Content/Excerpt</a> – To show current page & post content</li> </ol> <p><strong>7+ Free WooCommerce Widgets for Elementor </strong></p> <p>Elevate your online store experience with our powerful WooCommerce widgets. These widgets are fully functional and help you build highly professional, user-friendly eCommerce websites to grow your business faster.</p> <ol> <li>Woo Product Title – To show current product title</li> <li>Woo Product Description – To display the current product description</li> <li>Woo Product Price – To show active product price</li> <li>Woo Product Images – To show the current product featured image</li> <li>Woo Product Rating – To display current product rating</li> <li>Woo Product Add To Cart – To add & display the “Add to Cart” button on products</li> <li>Woo Product Grid – Showcase your products in 10+ unique styles</li> </ol> <p><a href="https://elementor.wpxpro.com/widgets/" rel="nofollow ugc">Explore All Widgets</a></p> <h3>GET MORE CREATIVE WITH FREE ELEMENTOR EXTENSIONS</h3> <p><strong>10+ Elementor Extensions (Free)</strong></p> <p>Xpro Extensions for Elementor are unique features created for Elementor lovers. These amazing FREE features extend the Elementor capabilities and let you create eye-popping effects on your website using any Xpro Widget.</p> <ol> <li>Floating Effect – Add unique animations and effects to elements</li> <li>Xpro Icons – Choose & add from our massive library of 300+ line icons</li> <li>Custom CSS – Add custom CSS to widget, column & section</li> <li>Xpro Theme Builder – Create header, footer, singular, and archive layouts for free</li> <li>Template Importer – Import templates from our evergrowing library of design assets</li> <li>Post Duplicator – Easily duplicate posts & pages in a single click</li> <li>Entrance Animation – Add unique entrance animations from our pre-defined styles</li> </ol> <h3>Xpro <a href="https://wordpress.org/plugins/xpro-theme-builder/" rel="ugc">Elementor Theme Builder</a> (Free)</h3> <p>Our Free <a href="https://elementor.wpxpro.com/theme-builder/" rel="nofollow ugc">Elementor Theme Builder</a> lets you design & customize each theme part right from the front-end live dashboard. The plugin comes with a massive library of pre-built Page Templates and Blocks which you can easily import and get your Elementor website live in no time.</p> <ul> <li>Build a new or customize pre-built header and footer for mobile, desktop, and tablet view</li> <li>Edit theme parts like archive pages (blog post, categories, tag archive, author archive)</li> <li>Customize singular/detailed pages (single post, single page, single product, cart, checkout, account)</li> <li>Design a theme’s search page format and layout</li> <li>Design WooCommerce product pages</li> <li>Manage Display Conditions and User Roles</li> </ul> <p>Xpro Elementor Theme Builder is fully compatible and works seamlessly with popular themes like <a href="https://wordpress.org/themes/xpro/" rel="ugc">Xpro</a>, Hello, GeneratePress, and Astra. You can use any Xpro Elementor Widget along with the following dedicated theme builder widgets to design custom headers, footers, singular, and archive layouts!</p> <ol> <li><a href="https://elementor.wpxpro.com/widgets/horizontal-menu/" rel="nofollow ugc">Horizontal Menu</a> – Use an advanced navigation menu anywhere to drive more clicks</li> <li><a href="https://elementor.wpxpro.com/widgets/site-title/" rel="nofollow ugc">Site Title</a> – To show site title anywhere on the website</li> <li><a href="https://elementor.wpxpro.com/widgets/site-logo/" rel="nofollow ugc">Site Logo</a>Site Logo – To display site logo anywhere on the website</li> <li><a href="https://elementor.wpxpro.com/widgets/post-title/" rel="nofollow ugc">Post Title</a> – To show current page & post title</li> <li><a href="https://elementor.wpxpro.com/widgets/featured-image/" rel="nofollow ugc">Featured Image</a> – To display current page & post featured image dynamically</li> <li><a href="https://elementor.wpxpro.com/widgets/post-content/" rel="nofollow ugc">Post Content/Single Excerpt</a> – To show current page & post content</li> </ol> <h3>Xpro Theme for Elementor (Free)</h3> <p>Our <a href="https://wordpress.org/themes/xpro/" rel="ugc">Free Theme For Elementor</a> fully compatible with the Elementor page builder. A modern, versatile, lightweight, and very fast theme to power up your WordPress websites.</p> <h3>COMPLETE CREATIVE DESIGN FREEDOM</h3> <p><strong>300+ Blocks</strong></p> <p>Choose from our wide range of modern and dynamic blocks to quickly add relevant sections to your websites. It’s the fastest way to design beautiful Elementor websites.</p> <p><strong>100+ Page Templates</strong></p> <p>Explore our massive library of 100s of pre-built modern page templates to quickly get your website live. Online store, restaurant, agency, personal portfolio, real estate, you name it.</p> <p><strong>Hands-on Support</strong></p> <p>Our expert support team is available 24/7 to assist you with any issue. We have a world-class customer support ticketing system and we offer a same-day solution to our valued users.</p> <p><a href="https://elementor.wpxpro.com/contact-us/" rel="nofollow ugc">Contact Us</a></p> <h3>GET MORE CREATIVE WITH THE PRO VERSION</h3> <p><a href="https://elementor.wpxpro.com/premium/" rel="nofollow ugc">Xpro Addons For Elementor – Pro</a> completely boosts up your Elementor Page Builder experience so that you can create modern, customized, and highly user-friendly websites in no time. Our Pro Addons not only comes with Advanced Widgets and Extensions but also offers 100+ Pre-made Blocks and 150+ Full Page Templates to quickly start your web design journey.</p> <p><a href="https://elementor.wpxpro.com/buy/" rel="nofollow ugc">Upgrade to our Pro version.</a></p> <h3>70+ Pro Elementor Widgets</h3> <p>Xpro Addons For Elementor – Pro is a complete package of the most advanced and unique 140+ widgets for your Elementor website. It’s a complete suite of powerful, interactive, and highly customizable essential Elementor widgets including:</p> <ol> <li><a href="https://elementor.wpxpro.com/widgets/advanced-gallery/" rel="nofollow ugc">Advanced Gallery</a> – Showcase your images in the most beautiful way using Mosaic and Masonry layouts</li> <li><a href="https://elementor.wpxpro.com/widgets/carousel-gallery/" rel="nofollow ugc">Carousel Gallery</a> – Highlight your images in an attractive slider to draw attention</li> <li><a href="https://elementor.wpxpro.com/widgets/advanced-portfolio/" rel="nofollow ugc">Advanced Portfolio</a> – Design amazing portfolios using our premium layout styles, hover effects & popups</li> <li><a href="https://elementor.wpxpro.com/widgets/carousel-portfolio/" rel="nofollow ugc">Carousel Portfolio</a> – Design beautiful carousel portfolios for your product, service, or personal use</li> <li><a href="https://elementor.wpxpro.com/widgets/list-portfolio/" rel="nofollow ugc">List Portfolio</a> – Entice users with amazing list portfolios for your images in the most beautiful way</li> <li><a href="https://elementor.wpxpro.com/widgets/multi-layer-slider/" rel="nofollow ugc">Multi Layer Slider</a> – Create attractive slides with simple drag’n’drop options, imagination is the only limit here</li> <li><a href="https://elementor.wpxpro.com/widgets/animated-heading/" rel="nofollow ugc">Animated Heading</a> – Animate your heading titles using our 23+ premium animation styles</li> <li><a href="https://elementor.wpxpro.com/widgets/advanced-heading/" rel="nofollow ugc">Advanced Heading</a> – Convert your catchy taglines into attractive headings, add background images, gradients, GIFs & more</li> <li><a href="https://elementor.wpxpro.com/widgets/image-masking/" rel="nofollow ugc">Image Masking</a> – Beautify your website images with 55+ preset shapes and unlimited customization</li> <li><a href="https://elementor.wpxpro.com/widgets/advanced-tabs/" rel="nofollow ugc">Advanced Tabs</a> – Create beautiful tabbed content for your website by adding dynamic content in minutes</li> <li><a href="https://elementor.wpxpro.com/widgets/pricing-carousel/" rel="nofollow ugc">Pricing Carousel</a> – Show pricing table in beautiful sliders and drive more sales</li> <li><a href="https://elementor.wpxpro.com/widgets/pricing-matrix/" rel="nofollow ugc">Pricing Matrix</a> – Highly customizable widget with tons of styling options</li> <li><a href="https://elementor.wpxpro.com/widgets/info-box/" rel="nofollow ugc">Info Box</a> – Design a beautiful info box on your website, choose from predefined styles</li> <li><a href="https://elementor.wpxpro.com/widgets/info-box/" rel="nofollow ugc">Dual Buttons</a> – Add two modern and trendy action buttons in your sections</li> <li><a href="https://elementor.wpxpro.com/widgets/product-view-360/" rel="nofollow ugc">360° Product View</a> – Create 360° degree rotated images for your products</li> <li><a href="https://elementor.wpxpro.com/widgets/team-carousel/" rel="nofollow ugc">Team Carousel</a> – Flaunt your talented team in a beautiful slider</li> <li><a href="https://elementor.wpxpro.com/widgets/testimonial-carousel/" rel="nofollow ugc">Testimonials Carousel</a> – Showcase the reviews & testimonials from your customers in sliders</li> <li><a href="https://elementor.wpxpro.com/widgets/logo-carousel/" rel="nofollow ugc">Logo Carousel</a> – Highlight brands or product logos in a carousel</li> <li><a href="https://elementor.wpxpro.com/widgets/hover-cards/" rel="nofollow ugc">Hover Cards</a> – Quickly add modern content with hover effects</li> <li><a href="https://elementor.wpxpro.com/widgets/content-toggle/" rel="nofollow ugc">Content Toggle</a> – Add a large piece of content in less space by adding toggles</li> <li><a href="https://elementor.wpxpro.com/widgets/modal-popup" rel="nofollow ugc">Modal Popup</a> – Build amazing popups with simple drag’n’drop options in Elementor Page Builder</li> <li><a href="https://elementor.wpxpro.com/widgets/cookie-consent/" rel="nofollow ugc">Cookies</a> – To save browser cookies for marketing purposes</li> <li><a href="https://elementor.wpxpro.com/widgets/alert-box/" rel="nofollow ugc">Alert Box</a> – Provides an easy way to create predefined alert messages</li> <li><a href="https://elementor.wpxpro.com/widgets/advanced-accordion/" rel="nofollow ugc">Advance Accordions</a> – Add beautifully nest

WordPress Plugin Directory

618K