Master Addons for Elementor: Stored Malicious Code Can Be Injected

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.9

Master Addons for Elementor: Stored Malicious Code Can Be Injected

CVE-2024-52387

Summary

The Master Addons for Elementor plugin has a security flaw that allows an attacker to inject malicious code into a website, potentially leading to unauthorized actions or data exposure. This affects versions of the plugin up to 2.0.9.9.4. Update to the latest version to ensure your site is secure.

Original title

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Stored XSS.This issue affects Mas...

Original description

nvd CVSS3.1 5.9

Vulnerability type

CWE-79 Cross-site Scripting (XSS)

https://patchstack.com/database/Wordpress/Plugin/master-addons/vulnerability/wor...

Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026