CVE-2025-14356 Ultra Addons for Contact Form 7 <= 3.5.33 - Missing Authorization to Authenticated (Subscriber+) to Generate Form Submission PDF

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7getgeneratedpdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2025-14356

CVE-2025-14356 — The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on uacf7_get_generated_pdf in all versions up to and including 3.5.33. The Wordfence report confirms authenticated users with Subscriber-level a...

CVE-2025-14356 Ultra Addons for Contact Form 7 <= 3.5.33 - Missing Authorization to Authenticated (Subscriber+) to Generate Form Submission PDF

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7getgeneratedpdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...

WordPress Jobmonster Elementor Addon plugin <= 1.1.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Jobmonster Elementor Addon versions = 1.1.4...

CVE-2025-67540

Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...

CVE-2025-67524

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

EUVD-2025-202120

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

EUVD-2025-201944

Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through = 3.20.2...

CVE-2025-67540

Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...

CVE-2025-67524

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

CVE-2025-63042 WordPress Tutor LMS Elementor Addons plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Tutor LMS Elementor Addons tutor-lms-elementor-addons allows Stored XSS.This issue affects Tutor LMS Elementor Addons: from n/a through = 3.0.1...

CVE-2025-67524

CVE-2025-67524 covers the WordPress plugin NooTheme Jobmonster Elementor Addon (jobmonster-addon) ≤ 1.1.4. The issue is a PHP Local File Inclusion caused by improper control of the filename used in include/require statements, effectively allowing untrusted input to influence which file is include...

CVE-2025-67524 WordPress Jobmonster Elementor Addon plugin <= 1.1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

CVE-2025-67524 WordPress Jobmonster Elementor Addon plugin <= 1.1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

WordPress plugin Jobmonster Elementor Addon 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-49916

Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...

PT-2025-49900

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

Oracle Linux 8 : abrt (ELSA-2025-22760)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22760 advisory. 2.10.9-25.0.1 - Replaces sosreport to sos report in sosreport-event.conf Orabug: 38590929 - abrt-dump-oops-Fix-vmcore-call-trace-parsing-arm Orabug: 34184473 -...

[SECURITY] Fedora 43 Update: kf6-kunitconversion-6.20.0-2.fc43

KDE Frameworks 6 Tier 2 addon for unit conversions...

[SECURITY] Fedora 43 Update: kf6-kjobwidgets-6.20.0-2.fc43

KDE Frameworks 6 Tier 2 addon for KJobs...