CVE-2025-26745

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RSTheme RS Elements Elementor Addon rselements-lite allows Stored XSS.This issue affects RS Elements Elementor Addon: from n/a through = 1.1.5...

CVE-2025-26745 WordPress RS Elements Elementor Addon plugin <= 1.1.5 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RSTheme RS Elements Elementor Addon rselements-lite allows Stored XSS.This issue affects RS Elements Elementor Addon: from n/a through = 1.1.5...

CVE-2025-26745 WordPress RS Elements Elementor Addon plugin <= 1.1.5 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RSTheme RS Elements Elementor Addon rselements-lite allows Stored XSS.This issue affects RS Elements Elementor Addon: from n/a through = 1.1.5...

CVE-2025-26745

CVE-2025-26745 : In RS Elements Elementor Addon for WordPress, an Stored XSS exists due to improper neutralization during web page generation. Affected: RS Elements Elementor Addon from n/a through 1.1.5. Root cause and impact are stated; exploitation status is not detailed in the provided docume...

WordPress MemberPress Discord Addon Plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin MemberPress Discord Addon versions = 1.1.1...

CVE-2025-2563

The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges...

CVE-2025-2563

CVE-2025-2563 concerns the WordPress plugin User Registration & Membership . Affected versions up to and including 4.1.1 fail to properly restrict the user role during account creation via the Membership Addon, allowing unauthenticated attackers to create accounts with administrator privileges. T...

CVE-2025-22871 vulnerabilities

Vulnerabilities for packages: zot, secrets-store-csi-driver-provider-aws, flux-image-automation-controller, esbuild, govulncheck, kaf, licenseclassifier, ctop, trust-manager, promxy, newrelic-infra-operator, gobuster, metrics-server, trino, nri-rabbitmq, fluent-operator, kind, prometheus, influx,...

GHSA-G9PC-8G42-G6VQ vulnerabilities

Vulnerabilities for packages: zot, secrets-store-csi-driver-provider-aws, flux-image-automation-controller, esbuild, govulncheck, kaf, licenseclassifier, ctop, trust-manager, promxy, newrelic-infra-operator, gobuster, metrics-server, trino, nri-rabbitmq, fluent-operator, kind, prometheus, influx,...

CVE-2025-22871 vulnerabilities

Vulnerabilities for packages: trivy, kapp, restic-fips, caddy, crossplane-provider-azure-managedidentity, fulcio, http-echo, kube-bench, opa, ingress-nginx-controller, postgres-operator-fips, elastic-agent, google-osconfig-agent, kube-state-metrics, rabbitmq-messaging-topology-operator,...

WordPress plugin Ultra Addons Lite for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2025-31850

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder pdf-generator-addon-for-elementor-page-builder allows Stored XSS.This issue affects PDF Generator Addon for Elementor Page Builder:...

CVE-2025-31551 WordPress Salesmate Add-On for Gravity Forms plugin <= 2.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows SQL Injection.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...

CVE-2025-31850

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder pdf-generator-addon-for-elementor-page-builder allows Stored XSS.This issue affects PDF Generator Addon for Elementor Page Builder:...

CVE-2025-31850 WordPress PDF Generator Addon for Elementor Page Builder plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder pdf-generator-addon-for-elementor-page-builder allows Stored XSS.This issue affects PDF Generator Addon for Elementor Page Builder:...

CVE-2025-31850

CVE-2025-31850 : Stored Cross-Site Scripting in PDF Generator Addon for Elementor Page Builder. Affected: PDF Generator Addon for Elementor Page Builder (versions up to 1.7.5; “from n/a through 1.7.5”). Cause: Improper input neutralization during web page generation. Impact: Cross-site script exe...

WordPress plugin Salesmate Add-On for Gravity Forms SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress...

WordPress plugin PDF Generator Addon for Elementor Page Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

CVE-2025-30925

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webangon The Pack Elementor addons the-pack-addon allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through = 2.1.1...

CVE-2025-30800

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Atawai Gum Elementor Addon gum-elementor-addon allows Stored XSS.This issue affects Gum Elementor Addon: from n/a through = 1.3.10...