WordPress ElementsKit Elementor addons plugin <= 3.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin ElementsKit Elementor addons Lite versions = 3.2.9...

WordPress Elements kit Elementor addons Plugin <= 3.2.9 is vulnerable to Cross Site Scripting (XSS)

Software Elements kit Elementor addons Type Plugin Vulnerable versions = 3.2.9 Fixed in 3.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10091 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID 3cb44087a1e4 Credits zer0gh0st Required...

WordPress Qode Essential Addons plugin <= 1.6.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Qode Essential Addons versions = 1.6.3...

WordPress The Pack Elementor addons plugin <= 2.0.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin The Pack Elementor addons versions = 2.0.9...

WordPress Royal Elementor Addons and Templates plugin <= 1.3.980 - XML External Entity (XXE) vulnerability

XML External Entity XXE vulnerability discovered by wcraft Patchstack Alliance in WordPress Plugin Royal Elementor Addons versions = 1.3.980...

WordPress Sky Addons for Elementor plugin <= 2.5.15 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Sky Addons for Elementor versions = 2.5.15...

WordPress Qode Essential Addons Plugin <= 1.6.3 is vulnerable to Local File Inclusion

Software Qode Essential Addons Type Plugin Vulnerable versions = 1.6.3 Fixed in 1.6.4 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-50457 Patch priority Low CVSS severity Low 7.5 Developer Qode Interactive PSID 91c64e17ca1a Credits João Pedro S Alcântara...

WordPress The Pack Elementor addons Plugin <= 2.0.9 is vulnerable to Local File Inclusion

Software The Pack Elementor addons Type Plugin Vulnerable versions = 2.0.9 Fixed in 2.1.0 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-50453 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID e424fb066139 Credits João Pedro S Alcânta...

WordPress Royal Elementor Addons Plugin <= 1.3.980 is vulnerable to XML External Entity (XXE)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.980 Fixed in 1.3.981 OWASP Top 10 A3: Injection Classification XML External Entity XXE CVE CVE-2024-50442 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID d8b2b553fe8e Credits wcraft Required privilege Author...

CVE-2024-9530

The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the...

CVE-2024-9530

The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the...

CVE-2024-9530 Qi Addons For Elementor <= 1.8.0 - Sensitive Information Exposure

The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the...

CVE-2024-9530 Qi Addons For Elementor <= 1.8.0 - Sensitive Information Exposure

The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the...

WordPress plugin Qi Addons For Elementor 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

PT-2024-39680 · WordPress · Qi Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to, and including, 1.8.0 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive data, including the contents of private...

WordPress Qi Addons For Elementor plugin <= 1.8.0 - Sensitive Information Exposure vulnerability

Sensitive Information Exposure vulnerability discovered by Ankit Patel in WordPress Plugin Qi Addons For Elementor versions = 1.8.0...

CVE-2024-9541

The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.1 via the render function in includes/widgets/canvas-menu/canvas-menu.php. This makes it possible for authenticated attackers, with Contributor-level access...

CVE-2024-9541 News Kit Elementor Addons <= 1.2.1 - Authenticated (Contributor+) Sensitive Information Exposure via Canvas Menu Elementor Template

The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.1 via the render function in includes/widgets/canvas-menu/canvas-menu.php. This makes it possible for authenticated attackers, with Contributor-level access...

WordPress plugin News Kit Elementor Addons 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

WordPress News Kit Elementor Addons plugin <= 1.2.1 - Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by Nishiv in WordPress Plugin News Kit Elementor Addons versions = 1.2.1...