GCVE - cpe:2.3:a:stylemixthemes:consulting_elementor

Approved changes feed: RSS · Atom

cpe:2.3:a:stylemixthemes:consulting_elementor_widgets:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Stylemixthemes (`a955917c-2229-564b-bd01-1fb4beeda74f`)
Product	Consulting Elementor Widgets (`48a5dac6-819b-5541-ba9a-4620a6b63af3`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-64361`	vulnerable	2026-06-03 15:09:37.808934	WordPress Consulting Elementor Widgets plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows DOM-Based XSS.This issue affects Consulting Elementor Widgets: from n/a through <= 1.4.2. Published: 2025-10-31T11:42:33.072Z Updated: 2026-04-28T18:30:50.689Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/consulting-elementor-widgets/vulnerability/wordpress-consulting-elementor-widgets-plugin-1-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-64360`	vulnerable	2026-06-03 15:09:37.808578	WordPress Consulting Elementor Widgets plugin <= 1.4.2 - Local File Inclusion vulnerability HIGH (7.5) Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through <= 1.4.2. Published: 2025-10-31T11:42:32.330Z Updated: 2026-04-28T16:14:14.317Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/consulting-elementor-widgets/vulnerability/wordpress-consulting-elementor-widgets-plugin-1-4-2-local-file-inclusion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-37092`	vulnerable	2026-06-03 14:56:05.751340	WordPress Consulting Elementor Widgets plugin <= 1.3.0 - Local File Inclusion vulnerability HIGH (8.5) Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0. Published: 2024-06-24T12:23:37.756Z Updated: 2026-04-28T16:09:55.752Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/consulting-elementor-widgets/wordpress-consulting-elementor-widgets-plugin-1-3-0-local-file-inclusion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-37091`	vulnerable	2026-06-03 14:56:05.750653	WordPress Consulting Elementor Widgets plugin <= 1.3.0 - Remote Code Execution (RCE) vulnerability CRITICAL (9.9) Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in StylemixThemes Consulting Elementor Widgets, StylemixThemes Masterstudy Elementor Widgets allows OS Command Injection.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0; Masterstudy Elementor Widgets: from n/a through 1.2.2. Published: 2024-06-24T12:09:28.317Z Updated: 2026-04-28T16:09:55.790Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/consulting-elementor-widgets/wordpress-consulting-elementor-widgets-plugin-1-3-0-remote-code-execution-rce-vulnerability?_s_id=cve https://patchstack.com/database/vulnerability/masterstudy-elementor-widgets/wordpress-masterstudy-elementor-widgets-plugin-1-2-2-remote-code-execution-rce-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-37090`	vulnerable	2026-06-03 14:56:05.749216	SQL Injection vulnerability in multiple StylemixThemes premium themes HIGH (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Masterstudy Elementor Widgets, StylemixThemes Consulting Elementor Widgets.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2; Consulting Elementor Widgets: from n/a through 1.3.0. Published: 2024-07-09T09:14:27.844Z Updated: 2026-04-28T16:09:55.773Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/masterstudy-elementor-widgets/wordpress-masterstudy-elementor-widgets-plugin-1-2-2-sql-injection-vulnerability?_s_id=cve https://patchstack.com/database/vulnerability/consulting-elementor-widgets/wordpress-consulting-elementor-widgets-plugin-1-3-0-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-37089`	vulnerable	2026-06-03 14:56:05.746097	WordPress Consulting Elementor Widgets plugin <= 1.3.0 - Unauthenticated Local File Inclusion vulnerability CRITICAL (9) Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0. Published: 2024-06-24T12:07:07.291Z Updated: 2026-04-28T16:09:55.763Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/consulting-elementor-widgets/wordpress-consulting-elementor-widgets-plugin-1-3-0-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Consulting Elementor Widgets

PURL mappings

Vulnerability references

Contribute