CVE-2025-8150

The Events Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typewriter and Countdown widgets in all versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2025-8150

The Events Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typewriter and Countdown widgets in all versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2025-8150

The CVE concerns the WordPress plugin “Events Addon for Elementor.” Affected component: Typewriter and Countdown widgets. Root cause: insufficient input sanitization and output escaping of user-supplied attributes, enabling Stored Cross-Site Scripting. Affected versions: all up to and including 2...

WordPress plugin Events Addon for Elementor 跨站脚本漏洞

WordPress Events Addon for Elementor plugin is a plugin designed for Elementor page builder, mainly for creating event websites. The WordPress Events Addon for Elementor plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and...

PT-2025-35194

Name of the Vulnerable Software and Affected Versions: Events Addon for Elementor plugin for WordPress versions prior to 2.2.9 Description: The Events Addon for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Typewriter and Countdown widgets. Insufficient...

CVE-2025-58205 WordPress ElementInvader Addons for Elementor Plugin <= 1.3.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows DOM-Based XSS.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.3.6...

WordPress ThemeREX Addons plugin <= 2.36.1.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Bonds in WordPress Plugin ThemeREX Addons versions = 2.36.1.1...

Linux Distros Unpatched Vulnerability : CVE-2011-3012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions...

Linux Distros Unpatched Vulnerability : CVE-2012-6112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - classes/GoogleSpell.php in the PHP Spellchecker aka Google Spellchecker addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before...

Linux Distros Unpatched Vulnerability : CVE-2011-2764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The FSCheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena,...

CVE-2025-48170

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player - Addon for WPBakery Page Builder lbg-universal-video-player-addon-visual-composer allows Reflected XSS.This issue affects Universal Video Player - Addon for...

CVE-2025-48154

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Multimedia Playlist Slider Addon for WPBakery Page Builder lbgvpyoutubevimeoaddonvisualcomposer allows Reflected XSS.This issue affects Multimedia Playlist Slider Addon for WPBakery Pa...

CVE-2025-53559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player - Addon for WPBakery Page Builder lbg-universal-video-player-addon-visual-composer allows Reflected XSS.This issue affects Universal Video Player - Addon for...

CVE-2025-53562

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player - Addon for WPBakery Page Builder lbguniversalvideoplayeraddonvisualcomposer allows Reflected XSS.This issue affects Universal Video Player - Addon for WPBakery...

CVE-2025-53564

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Radio Player - WPBakery Page Builder Addon lbgradioplayeraddonvisualcomposer allows Reflected XSS.This issue affects HTML5 Radio Player - WPBakery Page Builder Addon: from n/a...

WordPress PressApps Knowledge Base Contextual Sidebar Addon Plugin <= 4.2.1 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin PressApps Knowledge Base Contextual Sidebar Addon versions = 4.2.1...

CVE-2025-53564

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Radio Player - WPBakery Page Builder Addon lbgradioplayeraddonvisualcomposer allows Reflected XSS.This issue affects HTML5 Radio Player - WPBakery Page Builder Addon: from n/a...

CVE-2025-53559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player - Addon for WPBakery Page Builder lbg-universal-video-player-addon-visual-composer allows Reflected XSS.This issue affects Universal Video Player - Addon for...

CVE-2025-48170

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player - Addon for WPBakery Page Builder lbg-universal-video-player-addon-visual-composer allows Reflected XSS.This issue affects Universal Video Player - Addon for...

CVE-2025-48154

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Multimedia Playlist Slider Addon for WPBakery Page Builder lbgvpyoutubevimeoaddonvisualcomposer allows Reflected XSS.This issue affects Multimedia Playlist Slider Addon for WPBakery Pa...