Lucene search
K

7293 matches found

Patchstack
Patchstack
added 2024/10/16 3:56 a.m.3 views

WordPress ElementsReady Addons for Elementor plugin <= 6.4.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin ElementsReady Addons for Elementor versions = 6.4.3...

6.4CVSS5.8AI score0.00302EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.4 views

PT-2024-33389 · Unknown · Anant Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Maan Addons For Elementor versions 1.0.1 and earlier Description: The issue involves improper control of the filename for include/require statements in PHP programs, also known as PHP Remote File Inclusion. This allows for Local Code Inclusio...

7.5CVSS7.6AI score0.00555EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.1 views

WordPress plugin Premium Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

6.5CVSS6.8AI score0.00385EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.4 views

PT-2024-39637 · WordPress · Elementsready Addons For Elementor

Name of the Vulnerable Software and Affected Versions: ElementsReady Addons for Elementor plugin for WordPress versions up to, and including, 6.4.3 Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output escaping. Thi...

6.4CVSS6.3AI score0.00302EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.13 views

WordPress Royal Elementor Addons Plugin <= 1.3.986 is vulnerable to Sensitive Data Exposure

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.986 Fixed in 1.3.987 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-7417 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID 4060f71c187f Credits stealthcopter Required...

4.3CVSS6.5AI score0.00403EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.3 views

WordPress plugin ElementInvader Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.4CVSS5.9AI score0.00256EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.3 views

WordPress plugin Kaswara Modern VC Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

9.8CVSS6.7AI score0.01342EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.3 views

WordPress plugin Maan Addons For Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS6.7AI score0.00555EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.3 views

WordPress plugin Essential Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS7AI score0.00444EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.2 views

WordPress plugin ElementsReady Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.4CVSS6AI score0.00302EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/15 6:7 p.m.6 views

WordPress ElementInvader Addons for Elementor plugin <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin ElementInvader Addons for Elementor versions = 1.2.8...

5.4CVSS5.7AI score0.00256EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:54 p.m.4 views

WordPress Themesflat Addons For Elementor plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin themesflat-addons-for-elementor versions = 2.2.0...

6.5CVSS6.1AI score0.00254EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/15 11:47 a.m.3 views

WordPress Exclusive Addons for Elementor plugin <= 2.7.1 - Cross-Site Scripting vulnerability

Cross-Site Scripting vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Exclusive Addons Elementor versions = 2.7.1...

6.5CVSS6.3AI score0.00241EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.12 views

WordPress Themesflat Addons For Elementor Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Themesflat Addons For Elementor Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49310 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 559ccc1edd02 Credits João Pedro S Alcântara...

6.5CVSS6.8AI score0.00254EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.18 views

WordPress ElementInvader Addons for Elementor Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)

Software ElementInvader Addons for Elementor Type Plugin Vulnerable versions = 1.2.8 Fixed in 1.2.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9888 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2293b37c11ea Credits Coli...

5.4CVSS5.8AI score0.00256EPSS
Exploits0References3Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/10/15 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-4448

The Kaswara Modern VC Addons plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 3.0.1 due to insufficient capability checking on various AJAX actions. This makes it possible for unauthenticated attackers to perform a wide variety of unauthorized actions...

9.8CVSS5.8AI score0.01342EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.8 views

WordPress Exclusive Addons Elementor Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Exclusive Addons Elementor Type Plugin Vulnerable versions = 2.7.1 Fixed in 2.7.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49292 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 98088c8c1037 Credits Robert DeVore Required...

6.5CVSS6.5AI score0.00241EPSS
Exploits0References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/10/15 12:0 a.m.6 views

VulnCheck KEV: CVE-2021-4446

The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in versions up to and including 4.6.4 due to missing capability checks and nonce disclosure. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...

6.3CVSS5.7AI score0.00252EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.3 views

PT-2024-11041 · WordPress · Premium Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor versions up to, and including, 4.5.1 Premium Addons for Elementor versions prior to 2e5b3608-1dfc-468f-b3ae-12ce7c25ee6c Description: The issue is due to missing capability and nonce checks in the pa dismiss admin...

6.5CVSS7.2AI score0.00385EPSS
Exploits1References20
VulnCheck KEV
VulnCheck KEV
added 2024/10/15 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-4445

The Premium Addons for Elementor plugin for WordPress is vulnerable to Arbitrary Option Updates in versions up to, and including, 4.5.1. This is due to missing capability and nonce checks in the padismissadminnotice AJAX action. This makes it possible for authenticated subscriber+ attackers to...

6.5CVSS5.8AI score0.00385EPSS
Exploits1References1
Rows per page
Query Builder