Happy Addons for Elementor
HappyMonster
Developer
3.21.1
Latest version
400,000
Installations
No date
Last updated
Vulnerability history
0 present
40 patched
0 Mitigation rules
- Insecure Direct Object Reference to Authenticated (Contributor+) Post Duplication via 'post_id' Parameter vulnerability<= 3.21.010/03/2026
- Insecure Direct Object Reference to Authenticated (Contributor+) Stored Cross-Site Scripting via Template Conditions vulnerability<= 3.21.010/03/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field vulnerability<= 3.20.702/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Photo Stack Widget vulnerability<= 3.10.302/02/2026
- Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via title_tag vulnerability<= 3.10.402/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title HTML Tag vulnerability<= 3.10.402/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Page Title HTML Tag vulnerability<= 3.10.402/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Calendy vulnerability<= 3.10.402/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group, Photo Stack, & Horizontal Timeline vulnerability<= 3.10.402/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar Widget vulnerability<= 3.10.702/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion vulnerability<= 3.10.902/02/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 3.10.802/02/2026
- SQL Injection vulnerability<= 3.20.423/01/2026
- Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability<= 3.12.231/12/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS vulnerability<= 3.20.322/12/2025
- Broken Access Control vulnerability<= 3.20.304/12/2025
- Cross Site Scripting (XSS) Vulnerability<= 3.16.227/03/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 3.15.107/01/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison vulnerability<= 3.12.512/11/2024
- Broken Access Control vulnerability<= 3.12.313/10/2024
- Cross Site Scripting (XSS) vulnerability<= 3.12.030/09/2024
- Authenticated (Contributor+) Sensitive Information Exposure vulnerability<= 3.12.225/09/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via PDF View Widget vulnerability<= 3.11.229/07/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Gradient Heading Widget vulnerability<= 3.11.101/07/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation Widget vulnerability<= 3.10.931/05/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via _id Parameter vulnerability<= 3.10.820/05/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group Widget vulnerability<= 3.10.716/05/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Calendly Widget vulnerability<= 3.10.626/04/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags vulnerability<= 3.10.522/04/2024
- Cross Site Scripting (XSS) vulnerability<= 3.10.419/04/2024
- Incorrect Authorization to Information Exposure vulnerability<= 3.10.417/04/2024
- Cross Site Scripting (XSS) vulnerability<= 3.10.115/03/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Archive Title Widget vulnerability<= 3.10.307/03/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Author Meta Widget vulnerability<= 3.10.307/03/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 3.10.129/02/2024
- Broken Access Control on Post Clone vulnerability<= 3.10.102/02/2024
- Reflected Cross-Site Scripting vulnerability<= 3.9.1.105/01/2024
- Server Side Request Forgery (SSRF) vulnerability<= 3.9.1.127/12/2023
- Cross Site Request Forgery (CSRF) vulnerability<= 3.8.229/03/2023
- Cross-Site Request Forgery (CSRF) vulnerability<= 3.7.221/03/2023