7269 matches found
MGASA-2026-0132 Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerability
Upstream kernel version 6.6.138 fixes a vulnerability. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel...
Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerability
Upstream kernel version 6.6.138 fixes a vulnerability. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel...
CVE-2026-3426
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the savewidget and resetallwidgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with Author-lev...
CVE-2026-3426
CVE-2026-3426: The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on save_widget() and reset_all_widgets() in all versions up to 2.0.2. This allows authenticated attackers with Author-level access and above to m...
CVE-2026-3425
The vulnerability CVE-2026-3425 affects the RTMKit Addons for Elementor WordPress plugin and is exploitable via a Local File Inclusion (LFI) flaw in all versions up to 2.0.2. The issue is triggered through the path parameter of the get_content AJAX action, allowing authenticated users with Author...
EUVD-2026-29937
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.2 via the 'path' parameter of the 'getcontent' AJAX action. This makes it possible for authenticated attackers, with Author-level access and above, to include and...
CVE-2026-3426 RTMKit Addons for Elementor <= 2.0.2 - Authenticated (Author+) Missing Authorization to Widget Configuration Modification
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the savewidget and resetallwidgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with Author-lev...
CVE-2026-3425 RTMKit Addons for Elementor <= 2.0.2 - Authenticated (Author+) Local File Inclusion via 'path'
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.2 via the 'path' parameter of the 'getcontent' AJAX action. This makes it possible for authenticated attackers, with Author-level access and above, to include and...
CVE-2026-3426
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the savewidget and resetallwidgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with Author-lev...
CVE-2026-3425
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.2 via the 'path' parameter of the 'getcontent' AJAX action. This makes it possible for authenticated attackers, with Author-level access and above, to include and...
CVE-2026-3425 RTMKit Addons for Elementor <= 2.0.2 - Authenticated (Author+) Local File Inclusion via 'path'
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.2 via the 'path' parameter of the 'getcontent' AJAX action. This makes it possible for authenticated attackers, with Author-level access and above, to include and...
CVE-2026-3426 RTMKit Addons for Elementor <= 2.0.2 - Authenticated (Author+) Missing Authorization to Widget Configuration Modification
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the savewidget and resetallwidgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with Author-lev...
WordPress plugin RTMKit Addons for Elementor 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress plugin RTMKit Addons for Elementor 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-40594
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.2 via the 'path' parameter of the 'get content' AJAX action. This makes it possible for authenticated attackers, with Author-level access and above, to include and...
PT-2026-40595
The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the save widget and reset all widgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with...
WordPress The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin <= 6.4.11 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by daroo in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 6.4.11...
ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +288 more potentially affected by CVE-2026-41712 via org.springframework.ai:spring-ai-client-chat (>=1.1.0-M1 <=1.1.5)
org.springframework.ai:spring-ai-client-chat MAVEN version =1.1.0-M1, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =0.6.0, =1.1.0, =1.1.0, =1.1.0, =1.1.4 and more Source cves: CVE-2026-41712 Source advisory: OSV:GHSA-Q62F-H9X2-GCQC...
ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +288 more potentially affected by CVE-2026-41713 via org.springframework.ai:spring-ai-client-chat (>=1.1.0-M1 <=1.1.5)
org.springframework.ai:spring-ai-client-chat MAVEN version =1.1.0-M1, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =0.6.0, =1.1.0, =1.1.0, =1.1.0, =1.1.4 and more Source cves: CVE-2026-41713 Source advisory: OSV:GHSA-5852-PHMH-8FHR...
EUVD-2026-29456
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xpro Elementor Addons: from n/a through = 1.5.1...