WordPress Animation Addons for Elementor plugin <= 1.1.6 - Authenticated (Contributor+) Sensitive Information Exposure via Content Slider and Tabs Widget Elementor Template vulnerability

Authenticated Contributor+ Sensitive Information Exposure via Content Slider and Tabs Widget Elementor Template vulnerability discovered by Ankit Patel in WordPress Plugin Animation Addons for Elementor versions = 1.1.6...

CVE-2024-10356

The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.4.8 in inc/Widgets/accordion/output/content.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2024-10356

The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.4.8 in inc/Widgets/accordion/output/content.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2024-10356

CVE-2024-10356 affects ElementsReady Addons for Elementor (WordPress). Remote code is not exposed; the issue is Sensitive Information Exposure due to insecure access control in inc/Widgets/accordion/output/content.php, exploitable by authenticated users with Contributor+ rights. The Red Hat/Wordf...

CVE-2024-10356 ElementsReady Addons for Elementor <= 6.4.8 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates

The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.4.8 in inc/Widgets/accordion/output/content.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

WordPress ElementsReady Addons for Elementor plugin <= 6.4.8 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates vulnerability

Authenticated Contributor+ Sensitive Information Exposure via Elementor Templates vulnerability discovered by Ankit Patel in WordPress Plugin ElementsReady Addons for Elementor versions = 6.4.8...

WordPress plugin ElementsReady Addons for Elementor 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

PT-2024-16215 · Unknown · Elementsready Addons For Elementor

Name of the Vulnerable Software and Affected Versions: ElementsReady Addons for Elementor versions up to, and including, 6.4.8 Description: The issue allows authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data due to...

CVE-2023-38480

Missing Authorization vulnerability in Certain Dev Booster Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster Elementor Addons: from n/a through 1.4.9...

CVE-2023-38480 WordPress Booster Elementor Addons plugin <= 1.4.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in certaindev Booster Elementor Addons booster-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster Elementor Addons: from n/a through = 1.4.9...

CVE-2023-38480 WordPress Booster Elementor Addons plugin <= 1.4.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Certain Dev Booster Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster Elementor Addons: from n/a through 1.4.9...

CVE-2023-38480

CVE-2023-38480 affects Booster Elementor Addons (WordPress plugin) up to version 1.4.9. The root cause is missing authorization / broken access control enabling unauthenticated access. Public references indicate the vulnerability exists in Booster Elementor Addons

WordPress plugin Booster Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-12059

The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.1 via the elioptionvalue shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract...

CVE-2024-12059 ElementInvader Addons for Elementor <= 1.3.1 - Missing Authorization to Arbitrary Options Read

The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.1 via the elioptionvalue shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract...

CVE-2024-12059

CVE-2024-12059 : ElementInvader Addons for Elementor (WordPress) is vulnerable to Sensitive Information Exposure in all versions up to 1.3.1 via the eli_option_value shortcode. An authenticated attacker with Contributor-level access (or higher) can read arbitrary options from the wp_options table...

WordPress plugin ElementInvader Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-54260

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Stored XSS.This issue affects News Kit Elementor Addons: from n/a through = 1.4.2...

CVE-2024-54253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons.This issue affects Xpro Elementor Addons: from n/a through = 1.4.6.5...

CVE-2024-54253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through 1.4.6.1...