7293 matches found
WordPress Element Pack Elementor Addons Plugin <= 5.6.11 is vulnerable to Cross Site Scripting (XSS)
Software Element Pack Elementor Addons Type Plugin Vulnerable versions = 5.6.11 Fixed in 5.6.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39667 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1890773d2095 Credits wcraft Required...
PT-2024-28586 · Elementor · Essential Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Essential Addons for Elementor versions through 5.9.26 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...
PT-2024-28204 · Elementor · The Pack Elementor Addons
Name of the Vulnerable Software and Affected Versions: The Pack Elementor addons versions 2.0.8.6 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal', which allows PHP Local File Inclusion. This enables...
WordPress plugin The Pack Elementor addons 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...
PT-2024-28606 · Elementor · Element Pack Elementor Addons
Name of the Vulnerable Software and Affected Versions: Element Pack Elementor Addons versions through 5.6.11 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...
WordPress Happy Addons for Elementor plugin <= 3.11.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via PDF View Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via PDF View Widget vulnerability discovered by Webbernaut in WordPress Plugin Happy Addons for Elementor versions = 3.11.2...
WordPress Piotnet Addons For Elementor plugin <= 2.4.29 - Unauthenticated Sensitive Information Exposure vulnerability
Unauthenticated Sensitive Information Exposure vulnerability discovered by Webbernaut in WordPress Plugin Piotnet Addons For Elementor versions = 2.4.29...
WordPress Happy Addons for Elementor Plugin <= 3.11.2 is vulnerable to Cross Site Scripting (XSS)
Software Happy Addons for Elementor Type Plugin Vulnerable versions = 3.11.2 Fixed in 3.11.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6627 Patch priority Low CVSS severity Low 6.5 Developer Leevio PSID 0dee5f2221b3 Credits Webbernaut Required...
WordPress Piotnet Addons For Elementor Plugin <= 2.4.29 is vulnerable to Sensitive Data Exposure
Software Piotnet Addons For Elementor Type Plugin Vulnerable versions = 2.4.29 Fixed in 2.4.30 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-5614 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 44d89541ed39 Credits Webbernaut...
CVE-2024-6627
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's PDF View widget in all versions up to, and including, 3.11.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-5614
The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.29 via the 'pafepostslist' function. This makes it possible for unauthenticated attackers to extract sensitive data including titles and excerpts of...
CVE-2024-6627
CVE-2024-6627 : Happy Addons for Elementor (WordPress) is vulnerable to Stored Cross-Site Scripting via the PDF View widget in all versions
CVE-2024-5614 Piotnet Addons For Elementor <= 2.4.29 - Unauthenticated Sensitive Information Exposure
The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.29 via the 'pafepostslist' function. This makes it possible for unauthenticated attackers to extract sensitive data including titles and excerpts of...
CVE-2024-5614
CVE-2024-5614 affects Piotnet Addons For Elementor for WordPress up to version 2.4.29. The vulnerability allows unauthenticated attackers to perform Sensitive Information Exposure via the pafe_posts_list function, exposing titles and excerpts of future, draft, and pending posts. CVSS 3.1/3.1 base...
PT-2024-37756 · WordPress · Happy Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Happy Addons for Elementor plugin for WordPress versions up to, and including, 3.11.2 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's PDF View widget, allowing...
WordPress plugin Piotnet Addons For Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Happy Addons for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-36722 · WordPress · Piotnet Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Piotnet Addons For Elementor plugin for WordPress versions up to, and including, 2.4.29 Description: The issue allows unauthenticated attackers to extract sensitive data, including titles and excerpts of future, draft, and pending blog posts,...
CVE-2024-5818
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget in all versions up to, and including, 1.3.980 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2024-5818 Royal Elementor Addons and Templates <= 1.3.980 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget in all versions up to, and including, 1.3.980 due to insufficient input sanitization and output escaping on user supplied attributes...