CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

123 matches found

CNNVD•added 2024/06/19 12:0 a.m.•4 views

WordPress plugin Premium Addons PRO security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.8AI score0.00503EPSS

Exploits0References2

OSV•added 2024/05/29 8:15 a.m.•1 views

CVE-2024-5086

The Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team Member Carousel widget in all Pro versions up to, and including, 5.8.14 due to insufficient input...

5.4CVSS5.9AI score

Exploits0References2

OSV•added 2024/05/02 5:15 p.m.•1 views

CVE-2024-4203

The Premium Addons Pro for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the maps widget in all versions up to, and including, 4.10.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

5.4CVSS6AI score0.0048EPSS

Exploits0References2

Cvelist•added 2024/05/02 4:52 p.m.•23 views

CVE-2024-4203 Premium Addons for Elementor <= 4.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting

5.4CVSS5.9AI score0.0048EPSS

Exploits0References2

Vulnrichment•added 2024/05/02 4:52 p.m.•12 views

CVE-2024-4203 Premium Addons for Elementor <= 4.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting

5.4CVSS6.1AI score0.0048EPSS

Exploits0References2

CNNVD•added 2024/05/02 12:0 a.m.•1 views

WordPress plugin Premium Addons Pro for Elementor 安全漏洞

5.4CVSS6.2AI score0.0048EPSS

Exploits0References3

Positive Technologies•added 2024/04/28 12:0 a.m.•3 views

PT-2024-25393 · Piotnet · Piotnet Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Piotnet Addons For Elementor Pro versions through 7.1.17 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For...

7.1CVSS6.8AI score0.00356EPSS

Exploits0References5

NVD•added 2024/04/24 9:15 a.m.•14 views

CVE-2024-32952

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BloomPixel Max Addons Pro for Bricks allows Reflected XSS.This issue affects Max Addons Pro for Bricks: from n/a through 1.6.1...

7.1CVSS7AI score0.00354EPSS

Exploits0References1

Cvelist•added 2024/04/24 8:24 a.m.•20 views

CVE-2024-32952 WordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS7.1AI score0.00354EPSS

Exploits0References1

Vulnrichment•added 2024/04/24 8:24 a.m.•10 views

CVE-2024-32952 WordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS5.2AI score0.00354EPSS

Exploits0References1

CVE•added 2024/04/24 8:24 a.m.•51 views

CVE-2024-32952

CVE-2024-32952: BloomPixel Max Addons Pro for Bricks is affected by a reflected XSS due to improper input neutralization during web page generation. Vulnerable until version 1.6.1 (inclusive); patch status is Patched in the connected data, indicating a fix has been released. Affected product: Max...

7.1CVSS5.2AI score0.00354EPSS

Exploits0References1

NVD•added 2024/04/24 7:15 a.m.•17 views

CVE-2024-32951

Missing Authorization vulnerability in BloomPixel Max Addons Pro for Bricks.This issue affects Max Addons Pro for Bricks: from n/a through 1.6.1...

6.5CVSS6.5AI score0.00438EPSS

Exploits0References1

Vulnrichment•added 2024/04/24 6:59 a.m.•9 views

CVE-2024-32951 WordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Unauthenticated Plugin Settings Reset vulnerability

Missing Authorization vulnerability in BloomPixel Max Addons Pro for Bricks.This issue affects Max Addons Pro for Bricks: from n/a through 1.6.1...

6.5CVSS7AI score0.00438EPSS

Exploits0References1

Cvelist•added 2024/04/24 6:59 a.m.•20 views

CVE-2024-32951 WordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Unauthenticated Plugin Settings Reset vulnerability

Missing Authorization vulnerability in BloomPixel Max Addons Pro for Bricks.This issue affects Max Addons Pro for Bricks: from n/a through 1.6.1...

6.5CVSS6.7AI score0.00438EPSS

Exploits0References1

CVE•added 2024/04/24 6:59 a.m.•53 views

CVE-2024-32951

CVE-2024-32951 affects BloomPixel Max Addons Pro for Bricks (Max Addons Pro for Bricks) up to version 1.6.1, with a Missing Authorization vulnerability that could permit unauthorized access to plugin settings. The CVSS 3.1 base metrics show a Medium severity (6.5) with network attack vector, no c...

6.5CVSS5.1AI score0.00438EPSS

Exploits0References1

Positive Technologies•added 2024/04/24 12:0 a.m.•4 views

PT-2024-24999 · Unknown · Max Addons Pro For Bricks

Name of the Vulnerable Software and Affected Versions: Max Addons Pro for Bricks versions 1.6.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For Max...

7.1CVSS6.5AI score0.00354EPSS

Exploits0References3

Positive Technologies•added 2024/04/24 12:0 a.m.•3 views

PT-2024-24998 · Unknown · Max Addons Pro For Bricks

Name of the Vulnerable Software and Affected Versions: Max Addons Pro for Bricks versions 1.6.1 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects Max Addons Pro for Bricks, allowing unauthorized access. Recommendations: For Max Addo...

6.5CVSS6.5AI score0.00438EPSS

Exploits0References3

Patchstack•added 2024/04/22 7:44 p.m.•6 views

WordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Max Addons Pro for Bricks versions = 1.6.1...

7.1CVSS6.1AI score0.00354EPSS

Exploits0Affected Software1

Patchstack•added 2024/04/22 7:43 p.m.•3 views

WordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Unauthenticated Plugin Settings Reset vulnerability

Unauthenticated Plugin Settings Reset vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Max Addons Pro for Bricks versions = 1.6.1...

6.5CVSS7AI score0.00438EPSS

Exploits0Affected Software1

Patchstack•added 2024/04/22 12:0 a.m.•11 views

WordPress Max Addons Pro for Bricks Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Max Addons Pro for Bricks Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32952 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c3b6f1863142 Credits Dave Jong Patchstack...

7.1CVSS6.6AI score0.00354EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by