UltraAddons for Elementor

Vulnerabilities 9Slug ultraaddons-elementor-liteLatest version 2.0.2WordPress.org →

Minimum safe version

1.1.9

Update to 1.1.9 or later to address 5 fixable vulnerabilities

Latest available2.0.2 ✓⚠ 4 vulnerabilities have no fix

Medium 6.5 Unfixed

2025-05-16≤ 2.0.2

WordPress UltraAddons Elementor Lite plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability

CVE EUVD Wordfence

Medium 4.3 Unfixed

2025-04-04≤ 2.0.2

WordPress UltraAddons – Elementor Addons plugin <= 2.0.2 - Cross Site Request Forgery (CSRF) vulnerability

CVE Patchstack EUVD Wordfence

Medium 4.3

2024-11-21< 1.1.9

CVE-2024-10696

CVE Wordfence Patchstack

Medium 6.5 Unfixed

2024-10-17≤ 2.0.2

WordPress UltraAddons – Elementor Addons plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability

CVE Patchstack Wordfence

Medium 5.4

2024-07-10< 1.1.7

CVE-2024-4866

CVE Patchstack Wordfence

Medium 6.5 Unfixed

2024-07-06≤ 2.0.2

WordPress UltraAddons plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability

CVE Patchstack Wordfence

N/A

2023-07-19< 1.1.0

WordPress UltraAddons Elementor Lite (Header & Footer Builder, Menu Builder, Cart Icon, Shortcode) Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

N/A

2022-02-28< 1.1.1

WordPress UltraAddons Elementor Lite plugin <= 1.1.0 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 1.1.1

WordPress UltraAddons Elementor Lite plugin <= 1.1.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack