Lucene search
K

7293 matches found

ATTACKERKB
ATTACKERKB
added 2024/08/20 6:15 a.m.2 views

CVE-2024-5576

The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'coursecarouselskin' attribute within the plugin's Course Carousel widget in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping on user supplie...

6.4CVSS6.1AI score0.00323EPSS
Exploits0References7
CVE
CVE
added 2024/08/20 5:30 a.m.60 views

CVE-2024-5576

CVE-2024-5576 affects Tutor LMS Elementor Addons for WordPress (

6.4CVSS5.7AI score0.00323EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/08/20 4:15 a.m.5 views

CVE-2024-6575

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘reswidthvalue’ parameter within the plugin's tppagescroll widget in all versions up to, and including, 5.6.2 due to...

5.4CVSS5.9AI score0.00311EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/08/20 3:21 a.m.32 views

CVE-2024-6575 The Plus Addons for Elementor <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TP Page Scroll Widget

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘reswidthvalue’ parameter within the plugin's tppagescroll widget in all versions up to, and including, 5.6.2 due to...

6.4CVSS0.00311EPSS
Exploits0References4
CVE
CVE
added 2024/08/20 3:21 a.m.57 views

CVE-2024-6575

The Plus Addons for Elementor (The Plus Addons for Elementor Page Builder) contains a Stored Cross‑Site Scripting (Stored XSS) flaw in the tp_page_scroll widget via the res_width_value parameter. Affected versions include all up to and including 5.6.2. Exploitation requires authentication at Cont...

6.4CVSS5.7AI score0.00311EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/08/20 3:21 a.m.43 views

CVE-2024-5763 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Widget

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the videodate attribute within the plugin's Video widget in all versions up to, and including, 5.6.2 due to insufficient inpu...

6.4CVSS0.00363EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/08/20 12:26 a.m.3 views

WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Video Widget vulnerability discovered by João Pedro Soares de Alcântara in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.6.2...

6.4CVSS5.5AI score0.00363EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.4 views

WordPress plugin Tutor LMS Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6.6AI score0.00323EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.3 views

WordPress plugin The Plus Addons for Elementor 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerabilit...

6.4CVSS6.5AI score0.00363EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.8 views

PT-2024-36583 · WordPress · Tutor Lms Elementor Addons

Name of the Vulnerable Software and Affected Versions: Tutor LMS Elementor Addons plugin for WordPress versions up to, and including, 2.1.4 Description: The issue is related to Stored Cross-Site Scripting via the course carousel skin attribute within the plugin's Course Carousel widget. This is d...

6.4CVSS6AI score0.00323EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.4 views

PT-2024-37130 · Elementor · The Plus Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor versions up to, and including, 5.6.2 Description: The issue is related to Stored Cross-Site Scripting via the video date attribute within the plugin's Video widget due to insufficient input sanitization and outpu...

6.4CVSS6AI score0.00363EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.3 views

PT-2024-37731 · Elementor · The Plus Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor versions up to, and including, 5.6.2 Description: The issue is related to Stored Cross-Site Scripting via the res width value parameter within the plugin's tp page scroll widget due to insufficient input...

6.4CVSS5.9AI score0.00311EPSS
Exploits0References9
NVD
NVD
added 2024/08/18 10:15 p.m.9 views

CVE-2024-43267

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9...

6.5CVSS0.00239EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/08/18 10:15 p.m.7 views

CVE-2024-43267

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9...

6.5CVSS5.2AI score0.00239EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/18 9:19 p.m.7 views

CVE-2024-43267 WordPress Mega Addons For Elementor plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9...

6.5CVSS6.8AI score0.00239EPSS
Exploits0References1
CVE
CVE
added 2024/08/18 9:19 p.m.40 views

CVE-2024-43267

CVE-2024-43267 (Mega Addons For Elementor) is a Stored XSS via improper input neutralization in Mega Addons For Elementor (elementor addon) affecting versions from n/a through 1.9. The description in the CVE notes the vulnerability type and affected range. Connected sources corroborate an XSS cla...

6.5CVSS6.5AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/18 9:19 p.m.11 views

CVE-2024-43267 WordPress Mega Addons For Elementor plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9...

6.5CVSS0.00239EPSS
Exploits0References1
NVD
NVD
added 2024/08/18 3:15 p.m.24 views

CVE-2024-43320

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Livemesh Livemesh Addons for WPBakery Page Builder addons-for-visual-composer allows Stored XSS.This issue affects Livemesh Addons for WPBakery Page Builder: from n/a through 3.9...

6.5CVSS0.00245EPSS
Exploits0References1
OSV
OSV
added 2024/08/18 2:15 p.m.3 views

CVE-2024-43342

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.6.4...

5.4CVSS5.8AI score0.0024EPSS
Exploits0References1
NVD
NVD
added 2024/08/18 2:15 p.m.23 views

CVE-2024-43342

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.6.4...

6.5CVSS0.0024EPSS
Exploits0References1
Rows per page
Query Builder