Missing Authorization vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
7.5CVSS
7.7AI Score
0.0004EPSS
Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
5.4CVSS
5.5AI Score
0.0004EPSS
Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
5.4CVSS
6.8AI Score
0.0004EPSS
Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
5.4CVSS
5.8AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
5.4CVSS
5.5AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
5.4CVSS
6.8AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Stored XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through...
6.5CVSS
6.4AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Stored XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
6.5CVSS
6.4AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Addons for Elementor (Templates, Widgets) allows Stored XSS.This issue affects WPZOOM Addons for Elementor (Templates, Widgets): from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Addons for Elementor (Templates, Widgets) allows Stored XSS.This issue affects WPZOOM Addons for Elementor (Templates, Widgets): from n/a through...
6.5CVSS
6.5AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
5.4CVSS
5.7AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Addons for Elementor (Templates, Widgets) allows Stored XSS.This issue affects WPZOOM Addons for Elementor (Templates, Widgets): from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpOpal Opal Widgets For Elementor allows Stored XSS.This issue affects Opal Widgets For Elementor: from n/a through...
6.5CVSS
6.4AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpOpal Opal Widgets For Elementor allows Stored XSS.This issue affects Opal Widgets For Elementor: from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Reflected XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
7.1CVSS
6.9AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Reflected XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
7.1CVSS
6.8AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Stored XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Reflected XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through...
7.1CVSS
7.1AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpOpal Opal Widgets For Elementor allows Stored XSS.This issue affects Opal Widgets For Elementor: from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpOpal Opal Widgets For Elementor allows Stored XSS.This issue affects Opal Widgets For Elementor: from n/a through...
6.5CVSS
6.7AI Score
0.0004EPSS
Description The Fancy Elementor Flipbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Fancy Elementor Flipbox widget in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
6.4CVSS
5.8AI Score
0.0004EPSS
RomethemeForm For Elementor < 1.1.3 - Missing Authorization
Description The RomethemeForm For Elementor plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to modify...
5.3CVSS
6.9AI Score
0.0004EPSS
Description The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in versions up to, and including, 2.0.5.9 due to insufficient input sanitization and output escaping......
6.4CVSS
5.8AI Score
0.001EPSS
Elementor Addon Elements < 1.13.4 - Contributor+ Stored XSS
Description The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets due to insufficient input sanitization and output escaping. This makes it possible for...
6.4CVSS
5.8AI Score
0.001EPSS
Description The The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.0.8.2. This makes it possible for authenticated attackers, with subscriber-level access and...
4.9CVSS
6.7AI Score
0.0004EPSS
RomethemeKit For Elementor < 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The RomethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with.....
6.5CVSS
5.9AI Score
0.0004EPSS
Advanced Testimonial Carousel for Elementor < 3.0.1 - Missing Authorization
Description The Advanced Testimonial Carousel for Elementor plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the handleAjaxCalls() function in versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with...
4.3CVSS
6.7AI Score
0.0004EPSS
Elementor ImageBox <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Elementor ImageBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image box widget in all versions up to, and including, 1.2.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated....
6.4CVSS
5.8AI Score
0.0004EPSS
Qi Addons For Elementor < 1.7.1 - Contributor+ Stored XSS
Description The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget's attributes due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to...
6.4CVSS
5.8AI Score
0.0004EPSS
Description The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's JKit - Banner widget in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
6.4CVSS
5.8AI Score
0.001EPSS
Royal Elementor Kit < 1.0.117 - Cross-Site Request Forgery to Notice Dismissal
Description The Royal Elementor Kit theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.116. This is due to missing or incorrect nonce validation on the dismissed_handler() function. This makes it possible for unauthenticated attackers to...
4.3CVSS
6.6AI Score
0.0004EPSS
Description The The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 2.0.8.3 due to insufficient input sanitization and output escaping. This makes it possible...
7.1CVSS
6.5AI Score
0.0004EPSS
RHEL 7 / 8 : Red Hat OpenStack Platform (python-werkzeug) (RHSA-2023:1281)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1281 advisory. Werkzeug started as simple collection of various utilities for WSGI applications and has become one of the most advanced WSGI utility...
7.5CVSS
7.7AI Score
0.001EPSS
RHEL 9 : Red Hat OpenStack Platform 17.0 (python-werkzeug) (RHSA-2023:1018)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1018 advisory. Werkzeug ======== Werkzeug started as simple collection of various utilities for WSGI applications and has become one of the most...
7.5CVSS
6.7AI Score
0.001EPSS
RHEL 6 : convert2rhel (RHSA-2022:1618)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1618 advisory. convert2rhel: Red Hat account password passed via command line by code (CVE-2022-0852) Note that Nessus has not tested for this issue but has...
5.5CVSS
7.1AI Score
0.0005EPSS
RHEL 8 : convert2rhel (RHSA-2022:1599)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1599 advisory. convert2rhel: Red Hat account password passed via command line by code (CVE-2022-0852) Note that Nessus has not tested for this issue but has...
5.5CVSS
7.1AI Score
0.0005EPSS
RHEL 6 : convert2rhel (RHSA-2022:6266)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6266 advisory. convert2rhel: Activation key passed via command line by code (CVE-2022-0851) Note that Nessus has not tested for this issue but has instead relied...
5.5CVSS
6.9AI Score
0.0005EPSS
RHEL 8 : convert2rhel (RHSA-2022:6269)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6269 advisory. convert2rhel: Activation key passed via command line by code (CVE-2022-0851) Note that Nessus has not tested for this issue but has instead relied...
5.5CVSS
6.9AI Score
0.0005EPSS
RHEL 7 : convert2rhel (RHSA-2022:1617)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1617 advisory. convert2rhel: Red Hat account password passed via command line by code (CVE-2022-0852) Note that Nessus has not tested for this issue but has...
5.5CVSS
7.1AI Score
0.0005EPSS
RHEL 7 : convert2rhel (RHSA-2022:6268)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6268 advisory. convert2rhel: Activation key passed via command line by code (CVE-2022-0851) Note that Nessus has not tested for this issue but has instead relied...
5.5CVSS
7.3AI Score
0.0005EPSS
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget's attributes in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
6.4CVSS
5.7AI Score
0.0004EPSS
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget's attributes in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
6.4CVSS
5.7AI Score
0.0004EPSS
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget's attributes in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
6.4CVSS
5.8AI Score
0.0004EPSS
vyper is vulnerable to Double Evaluation. The vulnerability is due to the build_IR function of the sqrt builtin not caching the argument to the stack, allowing for multiple evaluations when the argument has...
5.3CVSS
6.8AI Score
0.0004EPSS
vyper is vulnerable to Improper Input Validation. The vulnerability is due to using the slice builtin withmsg.data, self.code, or .code as the buffer argument, when either the start or length arguments have side-effects, allowing an attacker to manipulate the smart contract's behaviour or extract.....
5.3CVSS
6.9AI Score
0.0004EPSS
The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to upload arbitrary...
9.8CVSS
7.8AI Score
0.0004EPSS
The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to upload arbitrary...
9.8CVSS
9.8AI Score
0.0004EPSS