Lucene search
K

7293 matches found

Patchstack
Patchstack
added 2024/08/01 12:0 a.m.12 views

WordPress Element Pack Elementor Addons Plugin <= 5.6.11 is vulnerable to Cross Site Scripting (XSS)

Software Element Pack Elementor Addons Type Plugin Vulnerable versions = 5.6.11 Fixed in 5.6.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39667 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1890773d2095 Credits wcraft Required...

6.5CVSS6.9AI score0.00247EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/01 12:0 a.m.3 views

PT-2024-28586 · Elementor · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Essential Addons for Elementor versions through 5.9.26 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

6.5CVSS5.8AI score0.00279EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/01 12:0 a.m.6 views

PT-2024-28204 · Elementor · The Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Pack Elementor addons versions 2.0.8.6 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal', which allows PHP Local File Inclusion. This enables...

8.8CVSS6.7AI score0.0049EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/08/01 12:0 a.m.5 views

WordPress plugin The Pack Elementor addons 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...

8.8CVSS6.6AI score0.0049EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/01 12:0 a.m.5 views

PT-2024-28606 · Elementor · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: Element Pack Elementor Addons versions through 5.6.11 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/07/29 2:38 a.m.4 views

WordPress Happy Addons for Elementor plugin <= 3.11.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via PDF View Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via PDF View Widget vulnerability discovered by Webbernaut in WordPress Plugin Happy Addons for Elementor versions = 3.11.2...

6.4CVSS5.8AI score0.00311EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/29 2:37 a.m.5 views

WordPress Piotnet Addons For Elementor plugin <= 2.4.29 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by Webbernaut in WordPress Plugin Piotnet Addons For Elementor versions = 2.4.29...

5.3CVSS7AI score0.00439EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/29 12:0 a.m.16 views

WordPress Happy Addons for Elementor Plugin <= 3.11.2 is vulnerable to Cross Site Scripting (XSS)

Software Happy Addons for Elementor Type Plugin Vulnerable versions = 3.11.2 Fixed in 3.11.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6627 Patch priority Low CVSS severity Low 6.5 Developer Leevio PSID 0dee5f2221b3 Credits Webbernaut Required...

6.4CVSS5.8AI score0.00311EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/29 12:0 a.m.11 views

WordPress Piotnet Addons For Elementor Plugin <= 2.4.29 is vulnerable to Sensitive Data Exposure

Software Piotnet Addons For Elementor Type Plugin Vulnerable versions = 2.4.29 Fixed in 2.4.30 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-5614 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 44d89541ed39 Credits Webbernaut...

5.3CVSS6.6AI score0.00439EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/07/27 12:15 p.m.7 views

CVE-2024-6627

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's PDF View widget in all versions up to, and including, 3.11.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4CVSS6AI score0.00311EPSS
Exploits0References4
NVD
NVD
added 2024/07/27 12:15 p.m.13 views

CVE-2024-5614

The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.29 via the 'pafepostslist' function. This makes it possible for unauthenticated attackers to extract sensitive data including titles and excerpts of...

5.3CVSS0.00439EPSS
Exploits0References3
CVE
CVE
added 2024/07/27 11:13 a.m.52 views

CVE-2024-6627

CVE-2024-6627 : Happy Addons for Elementor (WordPress) is vulnerable to Stored Cross-Site Scripting via the PDF View widget in all versions

6.4CVSS5.7AI score0.00311EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/27 11:13 a.m.11 views

CVE-2024-5614 Piotnet Addons For Elementor <= 2.4.29 - Unauthenticated Sensitive Information Exposure

The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.29 via the 'pafepostslist' function. This makes it possible for unauthenticated attackers to extract sensitive data including titles and excerpts of...

5.3CVSS5.2AI score0.00439EPSS
Exploits0References3
CVE
CVE
added 2024/07/27 11:13 a.m.50 views

CVE-2024-5614

CVE-2024-5614 affects Piotnet Addons For Elementor for WordPress up to version 2.4.29. The vulnerability allows unauthenticated attackers to perform Sensitive Information Exposure via the pafe_posts_list function, exposing titles and excerpts of future, draft, and pending posts. CVSS 3.1/3.1 base...

5.3CVSS5.2AI score0.00439EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/27 12:0 a.m.5 views

PT-2024-37756 · WordPress · Happy Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Happy Addons for Elementor plugin for WordPress versions up to, and including, 3.11.2 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's PDF View widget, allowing...

6.4CVSS6.9AI score0.00311EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/07/27 12:0 a.m.5 views

WordPress plugin Piotnet Addons For Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.4AI score0.00439EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/07/27 12:0 a.m.2 views

WordPress plugin Happy Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6.4AI score0.00311EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/07/27 12:0 a.m.5 views

PT-2024-36722 · WordPress · Piotnet Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Piotnet Addons For Elementor plugin for WordPress versions up to, and including, 2.4.29 Description: The issue allows unauthenticated attackers to extract sensitive data, including titles and excerpts of future, draft, and pending blog posts,...

5.3CVSS6.7AI score0.00439EPSS
Exploits0References6
OSV
OSV
added 2024/07/24 1:15 p.m.2 views

CVE-2024-5818

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget in all versions up to, and including, 1.3.980 due to insufficient input sanitization and output escaping on user supplied attributes...

5.4CVSS5.9AI score0.00248EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/24 12:43 p.m.30 views

CVE-2024-5818 Royal Elementor Addons and Templates <= 1.3.980 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget in all versions up to, and including, 1.3.980 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS0.00248EPSS
Exploits0References2
Rows per page
Query Builder