Lucene search
K

7293 matches found

Positive Technologies
Positive Technologies
added 2024/08/29 12:0 a.m.4 views

PT-2024-30822 · Unknown · Page Builder Addons Web +1

Name of the Vulnerable Software and Affected Versions: Page Builder Addons Web and WooCommerce Addons for WPBakery Builder versions 1.4.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which...

5.9CVSS6AI score0.0026EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/08/29 12:0 a.m.13 views

WordPress Royal Elementor Addons Plugin <= 1.3.982 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.982 Fixed in 1.3.985 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44001 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID d1433083a6b5 Credits João Pedro S Alcântara Kinorth...

6.5CVSS6.6AI score0.00318EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/28 9:16 a.m.4 views

WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.6.2...

6.5CVSS5.8AI score0.00279EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2024/08/28 2:5 a.m.29 views

CVE-2024-8030 Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 2.0.3 - Unauthenticated PHP Object Injection

The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the ultimatestorekitwishlist cookie in versions up to , and...

9.8CVSS0.01075EPSS
Exploits0References2
CVE
CVE
added 2024/08/28 2:5 a.m.56 views

CVE-2024-8030

CVE-2024-8030 affects Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, and Woocommerce Slider up to and including 2.0.3. It enables unauthenticated PHP Object Injection via deserialization of input in the _ultimate_store_...

9.8CVSS9.7AI score0.01075EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/08/28 12:0 a.m.3 views

WordPress plugin Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Ultimate Store Kit...

9.8CVSS6.6AI score0.01075EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/08/28 12:0 a.m.15 views

WordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 5.6.2 is vulnerable to Cross Site Scripting (XSS)

Software The Plus Addons for Elementor Page Builder Lite Type Plugin Vulnerable versions = 5.6.2 Fixed in 5.6.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43977 Patch priority Low CVSS severity Low 6.5 Developer POSIMYTH Innovations PSID 3c992f51ea8a Credits...

6.5CVSS6.6AI score0.00279EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/08/27 11:15 a.m.3 views

CVE-2024-7791

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘arrow’ parameter within the Post Grid widget in all versions up to, and including, 1.4.4.3 due to insufficient input sanitization and output escaping. This makes it...

5.4CVSS5.9AI score0.00311EPSS
Exploits0References5
NVD
NVD
added 2024/08/27 11:15 a.m.27 views

CVE-2024-7791

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘arrow’ parameter within the Post Grid widget in all versions up to, and including, 1.4.4.3 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS0.00311EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/08/27 10:59 a.m.17 views

CVE-2024-7791 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Grid Widget

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘arrow’ parameter within the Post Grid widget in all versions up to, and including, 1.4.4.3 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS5.8AI score0.00311EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/08/27 1:44 a.m.6 views

WordPress Xpro Addons For Elementor plugin <= 1.4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Grid Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Post Grid Widget vulnerability discovered by WordFence in WordPress Plugin Xpro Elementor Addons versions = 1.4.4.3...

6.4CVSS5.8AI score0.00311EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/27 12:0 a.m.16 views

WordPress Xpro Elementor Addons Plugin <= 1.4.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Xpro Elementor Addons Type Plugin Vulnerable versions = 1.4.4.3 Fixed in 1.4.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7791 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 93f87661de72 Credits WordFence...

6.4CVSS5.8AI score0.00311EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/08/27 12:0 a.m.4 views

WordPress plugin Xpro Addons For Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6.5AI score0.00311EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/27 12:0 a.m.6 views

PT-2024-38583 · WordPress · The 140+ Widgets | Xpro Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress versions up to, and including, 1.4.4.3 Description: The issue is related to Stored Cross-Site Scripting via the arrow parameter within the Post Grid widget due to...

6.4CVSS5.9AI score0.00311EPSS
Exploits0References11
Patchstack
Patchstack
added 2024/08/26 2:40 p.m.4 views

WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Web and WooCommerce Addons for WPBakery Builder versions = 1.5...

5.9CVSS6.1AI score0.0026EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/26 2:0 p.m.4 views

WordPress Classic Addons – WPBakery Page Builder plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Classic Addons – WPBakery Page Builder versions = 3.5...

6.5CVSS5.9AI score0.00242EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/26 9:30 a.m.6 views

WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.6.2...

8.8CVSS6.8AI score0.00561EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/26 12:0 a.m.16 views

WordPress Web and WooCommerce Addons for WPBakery Builder Plugin <= 1.4.7 is vulnerable to Cross Site Scripting (XSS)

Software Web and WooCommerce Addons for WPBakery Builder Type Plugin Vulnerable versions = 1.4.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43960 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c3f6a64bbac8 Credits 4rCanJ0x...

5.9CVSS6.6AI score0.0026EPSS
Exploits0References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/08/26 12:0 a.m.2 views

VulnCheck KEV: CVE-2024-43932

Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through = 5.6.2...

8.8CVSS5.8AI score0.00561EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/26 12:0 a.m.11 views

WordPress Classic Addons – WPBakery Page Builder Plugin <= 3.0 is vulnerable to Cross Site Scripting (XSS)

Software Classic Addons – WPBakery Page Builder Type Plugin Vulnerable versions = 3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43953 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 711526a3136c Credits João Pedro S...

6.5CVSS6.6AI score0.00242EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder