CVE-2024-50442

Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through 1.3.980...

CVE-2024-50442

Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through = 1.3.980...

CVE-2024-50442 WordPress Royal Elementor Addons and Templates plugin <= 1.3.980 - XML External Entity (XXE) vulnerability

Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through = 1.3.980...

CVE-2024-50442 WordPress Royal Elementor Addons and Templates plugin <= 1.3.980 - XML External Entity (XXE) vulnerability

Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through = 1.3.980...

CVE-2024-50442

CVE-2024-50442 is an XML External Entity (XXE) vulnerability in WordPress plugin Royal Elementor Addons and Templates (

WordPress plugin Sky Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-34232 · Unknown · Qode Essential Addons

Name of the Vulnerable Software and Affected Versions: Qode Essential Addons versions 1.6.3 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This is a type of vulnerability tha...

PT-2024-34218 · WordPress · Royal Elementor Addons

Name of the Vulnerable Software and Affected Versions: WP Royal Royal Elementor Addons versions 1.3.980 and earlier Description: The issue is related to an Improper Restriction of XML External Entity Reference vulnerability, which allows XML Injection. This vulnerability affects WP Royal Royal...

WordPress plugin The Pack Elementor addons 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

PT-2024-34208 · Unknown · Sky Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Sky Addons for Elementor versions prior to 2.5.16 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: F...

WordPress plugin Royal Elementor Addons 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

PT-2024-34228 · Unknown · The Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Pack Elementor addons versions 2.0.9 and earlier Description: A Relative Path Traversal vulnerability in The Pack Elementor addons allows PHP Local File Inclusion. Recommendations: For versions 2.0.9 and earlier, update to a version later...

WordPress Exclusive Addons Elementor Plugin <= 2.7.4 is vulnerable to Sensitive Data Exposure

Software Exclusive Addons Elementor Type Plugin Vulnerable versions = 2.7.4 Fixed in 2.7.5 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10312 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 925615829867 Credits Ankit Patel...

WordPress plugin Qode Essential Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-10357

The Clever Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.1 via the getTemplateContent function in src/widgets/class-clever-widget-base.php. This makes it possible for authenticated attackers, with...

CVE-2024-10357 Clever Addons for Elementor <= 2.2.1 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates

The Clever Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.1 via the getTemplateContent function in src/widgets/class-clever-widget-base.php. This makes it possible for authenticated attackers, with...

CVE-2024-10091

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Comparison Widget in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress plugin Clever Addons for Elementor 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

WordPress plugin ElementsKit Elementor addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Clever Addons for Elementor plugin <= 2.2.1 - Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by Ankit Patel in WordPress Plugin Clever Addons for Elementor versions = 2.2.1...