1826 matches found
WordPress Essential Addons for Elementor Plugin < 5.8.2 Information Disclosure Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpdeveloper:essentialaddonsforelementor"; ifdescription...
CVE-2023-3779
The Essential Addons For Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 5.8.1 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers...
Code injection
The Essential Addons For Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 5.8.1 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers...
CVE-2023-3779
The Essential Addons For Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 5.8.1 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers...
CVE-2023-3779 Essential Addons For Elementor <=5.8.1 - Unauthenticated MailChimp API Key Disclosure
The Essential Addons For Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 5.8.1 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers...
CVE-2023-3779
The CVE-2023-3779 entry affects the WordPress plugin “Essential Addons for Elementor” (WPDeveloper) for WordPress, indicating that versions up to and including 5.8.1 disclose MailChimp API keys via source code added to pages using the MailChimp block. Root cause: unauthenticated disclosure of API...
PT-2023-26109 · WordPress · Essential Addons For Elementor
Name of the Vulnerable Software and Affected Versions: The Essential Addons For Elementor plugin for WordPress versions up to, and including, 5.8.1 Description: The issue allows unauthenticated attackers to obtain a site's MailChimp API key due to the plugin adding the API key to the source code ...
CVE-2023-3709
The Royal Elementor Addons plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 1.3.70 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to...
Code injection
The Royal Elementor Addons plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 1.3.70 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to...
CVE-2023-3709 Royal Elementor Addons <=1.3.70 - Unauthenticated MailChimp API Key Disclosure
The Royal Elementor Addons plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 1.3.70 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to...
CVE-2023-3709 Royal Elementor Addons <=1.3.70 - Unauthenticated MailChimp API Key Disclosure
The Royal Elementor Addons plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 1.3.70 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to...
CVE-2023-3709
The CVE-2023-3709 vulnerability affects the WordPress plugin Royal Elementor Addons, with affected versions up to and including 1.3.70. The issue allows unauthenticated disclosure of a site’s MailChimp API key because the plugin writes the API key into the source code of pages that render the Mai...
Royal Elementor Addons < 1.3.71 - Unauthenticated API Key Disclosure
Description The plugin discloses the MailChimp API key in pages with the MailChimp block, allowing unauthenticated users to obtain such key...
WordPress plugin Royal Elementor Addons 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...
Mantra - A Tool Used To Hunt Down API Key Leaks In JS Files And Pages
The tool in question was created in Go and its main objective is to search for API keys in JavaScript files and HTML pages. It works by checking the source code of web pages and script files for strings that are identical or similar to API keys. These keys are often used for authentication to...
JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident
JumpCloud, a provider of cloud-based identity and access management solutions, has swiftly reacted to an ongoing cybersecurity incident that impacted some of its clients. As part of its damage control efforts, JumpCloud has reset the application programming interface API keys of all customers...
Code injection
tktchurch/website contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized...
CVE-2023-36817 The King's Temple Church website Leaked Stripe API Key in Public Code Repository
tktchurch/website contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized...
CVE-2023-36817 The King's Temple Church website Leaked Stripe API Key in Public Code Repository
tktchurch/website contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized...
CVE-2023-36817 The King's Temple Church website Leaked Stripe API Key in Public Code Repository
tktchurch/website contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized...