Envato Elements – Photos & Elementor Templates Security Vulnerabilities

CVE-2023-48761 WordPress JetElements For Elementor plugin <= 2.6.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through...

Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection

The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST...

CVE-2024-6132

The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexels_fsp_images_options_validate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with...

CVE-2024-6132

The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexels_fsp_images_options_validate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with...

CVE-2024-6132 Pexels: Free Stock Photos <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload

The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexels_fsp_images_options_validate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with...

CVE-2024-6132 Pexels: Free Stock Photos <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload

The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexels_fsp_images_options_validate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with...

CVE-2024-4623

The Blogmentor – Blog Layouts for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pagination_style’ parameter in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2024-4663

The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2024-4623

The Blogmentor – Blog Layouts for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pagination_style’ parameter in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2024-4663

The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2024-4623 Blogmentor – Blog Layouts for Elementor <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via pagination_style Parameter

The Blogmentor – Blog Layouts for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pagination_style’ parameter in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2024-4623 Blogmentor – Blog Layouts for Elementor <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via pagination_style Parameter

The Blogmentor – Blog Layouts for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pagination_style’ parameter in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2024-4663 OSM Map Widget for Elementor <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2024-4663 OSM Map Widget for Elementor <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

Signal Foundation Warns Against EU's Plan to Scan Private Messages for CSAM

A controversial proposal put forth by the European Union to scan users' private messages for detection of child sexual abuse material (CSAM) poses severe risks to end-to-end encryption (E2EE), warned Meredith Whittaker, president of the Signal Foundation, which maintains the privacy-focused...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.2

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.2 Vulnerability Details ** CVEID: CVE-2018-1000134 DESCRIPTION: **Ping Identity UnboundID LDAP SDK could allow a remote attacker...

Smart S210 Management Platform - Arbitary File Upload

A vulnerability has been found in Byzoro Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted...

Exrick XMall - SQL Injection

XMall v1.1 was discovered to contain a SQL injection vulnerability via the 'orderDir'...

XWiki < 4.10.20 - Remote code execution

XWiki is vulnerable to a remote code execution (RCE) attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the "first name" or "last name" fields during user registration. This impacts all installations that have...

XWiki < 4.10.20 - Remote code execution

XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed....

XWiki < 4.10.15 - Email Disclosure

The Solr-based search in XWiki discloses the email addresses of users even when obfuscation of email addresses is enabled. To demonstrate the vulnerability, search for objcontent:email* using XWiki's regular search...

XWiki < 4.10.15 - Sensitive Information Disclosure

XWiki Platform is a generic wiki platform. Starting in 7.2-milestone-2 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, the Solr-based search in XWiki discloses the password hashes of all users to anyone with view right on the respective user profiles. By default, all user profiles are...

XWiki < 4.10.15 - Information Disclosure

The Solr-based search suggestion provider that also duplicates as generic JavaScript API for search results in XWiki exposes the content of all documents of all wikis to anybody who has access to it, by default it is public. This exposes all information stored in the wiki (but not some protected...

CrateDB Database - Arbitrary File Read

CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY.....

Smart s200 Management Platform v.S200 - SQL Injection

SQL Injection vulnerability in Baizhuo Network Smart s200 Management Platform v.S200 allows a local attacker to obtain sensitive information and escalate privileges via the /importexport.php...

LyLme-Spage - Arbitary File Upload

An arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted...

CRMEB v.5.2.2 - SQL Injection

SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getProductList function in the ProductController.php...

D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure

A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request...

CVE-2024-0845

The PDF Viewer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the render function in all versions up to, and including, 2.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level.....

CVE-2024-0845

The PDF Viewer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the render function in all versions up to, and including, 2.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level.....

CVE-2024-0845 PDF Viewer for Elementor <= 2.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via render

The PDF Viewer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the render function in all versions up to, and including, 2.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level.....

CVE-2024-0845 PDF Viewer for Elementor <= 2.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via render

The PDF Viewer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the render function in all versions up to, and including, 2.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level.....

glibc security update

[2.17-326.0.6.3] - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: April-28-2023 Cupertino Miranda - 2.17-326.0.6 - OraBug 35338741 Glibc tunable to disable huge pages on pthread_create stacks Reviewed-by: Jose E. Marchesi February-22-2023...

Oracle Linux 7 : glibc (ELSA-2024-12442)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12442 advisory. - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi &lt;[email protected]&gt; Oracle history: April-28-2023...

Zero-Day Marketplace Explained: How Zerodium, BugTraq, and Fear contributed to the Rise of the Zero-Day Vulnerability Black Market

Whenever a company is notified about or discovers a critical flaw in their system/application that has the potential to be exploited by malicious elements, it’s termed a vulnerability. However, every time a flaw being actively exploited is discovered, code red is punched as the organization’s IT...

XWiki - Open Redirect

XWiki Platform is vulnerable to open redirect attacks due to improper validation of the xredirect parameter. This allows an attacker to redirect users to an arbitrary website. The vulnerability is patched in versions 14.10.4 and...

What is DevSecOps and Why is it Essential for Secure Software Delivery?

Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive.....

Improper Authentication

zendframework/zendopenid is vulnerable to Improper Authentication. The vulnerability is due to insufficient parameter validation resulting in accepting tokens with arbitrary signed elements. Ab attacker can impersonate any OpenID Identity by using a malicious OpenID Provider, resulting in...

Cross-site Scripting (XSS)

TYPO3 is vulnerable to cross-site scripting (XSS). The vulnerability is due to templates using built-in Fluid ViewHelpers which fail to properly encode user...

Fujian Kelixin Communication - Command Injection

A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file...

F-logic DataCube3 - SQL Injection

SQL injection vulnerability in f-logic datacube3 v.1.0 allows a remote attacker to obtain sensitive information via the req_id...

Microsoft Edge (Chromium-Based) Multiple Spoofing Vulnerabilities - Jun24

Microsoft Edge (Chromium-Based) is prone to multiple spoofing...

PDF Viewer for Elementor <= 2.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via render

Description The PDF Viewer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the render function in all versions up to, and including, 2.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-38443

C/sorting/binary_insertion_sort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50...

CVE-2024-38443

C/sorting/binary_insertion_sort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50...

CVE-2024-38443

C/sorting/binary_insertion_sort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50...

EyouCms v1.6.3 - Information Disclosure

EyouCms v1.6.3 was discovered to contain an information disclosure vulnerability via the component...

Business Directory Plugin <= 6.4.2 - SQL Injection

The Business Directory Plugin Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘listingfields’ parameter in all versions up to, and including, 6.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient...

Dokan Pro <= 3.10.3 - SQL Injection

The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

Gradio < 2.5.0 - Arbitrary File Read

Files on the host computer can be accessed from the Gradio...