7275 matches found
PT-2025-33400 · WordPress · The Plus Addons For Elementor Page Builder
Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder Lite versions n/a through 6.3.13 Description: Missing authorization allows exploiting incorrectly configured access control security levels in The Plus Addons for Elementor Page Builder Lite...
PT-2025-33176 · WordPress · Octagonwebstudio Premium Addons For Kingcomposer
Name of the Vulnerable Software and Affected Versions: octagonwebstudio Premium Addons for KingComposer versions through 1.1.1 Description: A flaw exists in the file handling mechanism within octagonwebstudio Premium Addons for KingComposer, allowing for PHP Local File Inclusion. This issue stems...
CVE-2025-8874
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.0.8.6 due to insufficient input sanitization and output...
CVE-2025-8874 Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations <= 2.0.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via fancyBox
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.0.8.6 due to insufficient input sanitization and output...
CVE-2025-8874
CVE-2025-8874 concerns Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations for WordPress. It describes a Stored Cross-Site Scripting (XSS) vulnerability in several widgets due to insufficient input sanitization/output escaping. Affected version...
CVE-2025-8874 Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations <= 2.0.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via fancyBox
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.0.8.6 due to insufficient input sanitization and output...
WordPress Element Pack Elementor Addons and Templates Cross-Site Scripting Vulnerability
WordPress Element Pack Elementor Addons and Templates is a powerful plugin for Elementor designed to simplify website design. A cross-site scripting vulnerability exists in WordPress Element Pack Elementor Addons and Templates, which stems from insufficient input cleanup and output escaping of th...
PT-2025-32634 · WordPress +1 · The Master Addons – Elementor Addons +1
Name of the Vulnerable Software and Affected Versions: Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress versions up to and including 2.0.8.6 Description: The plugin is susceptible to Stored Cross-Site Scripting due to...
WordPress plugin Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Master Addons - Elementor Addons...
WordPress Exclusive Addons For Elementor Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress Exclusive Addons For Elementor, which stems from insufficient input cleanup and escaping, and can be exploited by a...
WordPress Master Addons for Elementor plugin <= 2.0.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via fancyBox vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via fancyBox vulnerability discovered by Webbernaut in WordPress Plugin Master Addons for Elementor versions = 2.0.9.0...
Updated kernel, kmod-virtualbox, kmod-xtables-addons & wireless-regdb packages fix security vulnerabilities
Upstream kernel version 6.6.101 fixes bugs and vulnerabilities. The kmod-virtualbox, kmod-xtables-addons & wireless-regdb packages have been updated to work with this new kernel. For information about the vulnerabilities see the links...
MGASA-2025-0219 Updated kernel, kmod-virtualbox, kmod-xtables-addons & wireless-regdb packages fix security vulnerabilities
Upstream kernel version 6.6.101 fixes bugs and vulnerabilities. The kmod-virtualbox, kmod-xtables-addons & wireless-regdb packages have been updated to work with this new kernel. For information about the vulnerabilities see the links...
WordPress HT Mega - Absolute Addons For Elementor plugin Information Disclosure Vulnerability
WordPress HT Mega - Absolute Addons For Elementor plugin is an Elementor page builder plugin designed specifically for WordPress, offering over 100 custom widgets, 360+ preset modules, and multiple templates for blogs, sliders , collapsible menus and other page elements. A vulnerability exists in...
CVE-2025-7498
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget in all versions up to, and including, 2.7.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-8100
The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markercontent' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...
WordPress Exclusive Addons for Elementor plugin <= 2.7.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Countdown vulnerability discovered by Webbernaut in WordPress Plugin Exclusive Addons Elementor versions = 2.7.9.4...
CVE-2025-7498
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget in all versions up to, and including, 2.7.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-7498 Exclusive Addons for Elementor <= 2.7.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget in all versions up to, and including, 2.7.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-8100 Element Pack Elementor Addons and Templates <= 8.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map Widget Marker Content
The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markercontent' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...