Lucene search
K

7293 matches found

Cvelist
Cvelist
added 2024/08/12 10:11 p.m.18 views

CVE-2024-43151 WordPress Ultimate Addons for Beaver Builder – Lite plugin <= 1.5.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite allows Stored XSS.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a through 1.5.9...

6.5CVSS0.00246EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/12 10:11 p.m.14 views

CVE-2024-43151 WordPress Ultimate Addons for Beaver Builder – Lite plugin <= 1.5.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite allows Stored XSS.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a through 1.5.9...

6.5CVSS6.8AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2024/08/12 10:11 p.m.42 views

CVE-2024-43151

CVE-2024-43151 is a Stored XSS vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite . The issue is described as improper input neutralization during web page generation and affects the product from n/a through version 1.5.9 . Exploitation details are not provided beyond sto...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/08/12 9:17 p.m.14 views

CVE-2024-43225 WordPress Enter Addons plugin <= 2.1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThemeLooks Enter Addons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.7...

6.5CVSS0.00246EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/12 9:17 p.m.14 views

CVE-2024-43225 WordPress Enter Addons plugin <= 2.1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThemeLooks Enter Addons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.7...

6.5CVSS6.8AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2024/08/12 9:17 p.m.51 views

CVE-2024-43225

CVE-2024-43225 affects Enter Addons (WordPress plugin for Elementor). Evidence in connected data shows a Stored Cross-Site Scripting vulnerability that is exploitable by authenticated users (Contributor+). Root cause reported in multiple sources points to improper handling/neutralization of input...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/12 2:9 p.m.3 views

WordPress Mega Addons For Elementor plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Mega Addons For Elementor versions = 1.9...

6.5CVSS6.1AI score0.00239EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/08/12 1:38 p.m.2 views

CVE-2024-4360

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 5.7.2 due to insufficient input sanitization and output escapi...

5.4CVSS5.9AI score0.00446EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.7 views

WordPress plugin Element Pack Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

6.5CVSS6.5AI score0.00507EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.4 views

WordPress plugin Xpro Elementor Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6AI score0.00246EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.5 views

WordPress plugin Enter Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS6AI score0.00246EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.5 views

PT-2024-38207 · WordPress · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Element Pack Elementor Addons plugin for WordPress versions up to, and including, 5.7.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Custom Gallery and Countdown widgets due to insufficient input...

6.4CVSS5.9AI score0.00451EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.7 views

PT-2024-30389 · Themelooks · Themelooks Enter Addons

Name of the Vulnerable Software and Affected Versions: ThemeLooks Enter Addons versions n/a through 2.1.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in ThemeLooks Enter Addons...

6.5CVSS5.5AI score0.00246EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.4 views

WordPress plugin Ultimate Addons for Beaver Builder – Lite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS6AI score0.00246EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/09 12:50 p.m.5 views

WordPress Enter Addons plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin Enter Addons versions = 2.1.9...

6.5CVSS6.1AI score0.00246EPSS
Exploits0Affected Software1
CVE
CVE
added 2024/08/09 4:29 a.m.73 views

CVE-2024-4359

CVE-2024-4359 (Element Pack for WordPress) : The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin is exploitable via arbitrary file read in all versions up to 5.7.2, using the SVG widget and insufficient file validation in render_svg. ...

6.5CVSS6.3AI score0.00507EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/09 4:29 a.m.17 views

CVE-2024-4359 Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.7.2 - Authenticated (Contributor+) Arbitrary File Read

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 5.7.2 via the SVG widget and a lack of sufficient file validation in the rendersvg function...

6.5CVSS6.8AI score0.00507EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/09 4:29 a.m.11 views

CVE-2024-4360 Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via title_tag

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 5.7.6 due to insufficient input sanitization and output escapi...

6.4CVSS6.1AI score0.00446EPSS
Exploits0References5
CVE
CVE
added 2024/08/09 4:29 a.m.61 views

CVE-2024-4360

CVE-2024-4360 affects Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) for WordPress. Root cause: insufficient input sanitization and output escaping on user-supplied attributes like title_tag, enabling Stored XSS via widgets. Affected versio...

6.4CVSS6.1AI score0.00446EPSS
Exploits0References5Affected Software1
Patchstack
Patchstack
added 2024/08/09 12:29 a.m.3 views

WordPress Element Pack Elementor Addons plugin <= 5.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via title_tag vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via titletag vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin Element Pack Elementor Addons versions = 5.7.6...

6.4CVSS5.8AI score0.00446EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder