Lucene search
K

7293 matches found

Vulnrichment
Vulnrichment
added 2024/07/24 12:43 p.m.12 views

CVE-2024-5818 Royal Elementor Addons and Templates <= 1.3.980 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget in all versions up to, and including, 1.3.980 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS5.9AI score0.00248EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/07/24 2:44 a.m.6 views

WordPress Royal Elementor Addons and Templates plugin <= 1.3.980 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget vulnerability discovered by Webbernaut in WordPress Plugin Royal Elementor Addons versions = 1.3.980...

6.4CVSS5.8AI score0.00248EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/24 12:0 a.m.4 views

PT-2024-37180 · WordPress · The Royal Elementor Addons/Templates

Name of the Vulnerable Software and Affected Versions: The Royal Elementor Addons and Templates plugin for WordPress versions up to, and including, 1.3.980 Description: The issue is related to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget due to insufficient...

6.4CVSS6AI score0.00248EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/07/24 12:0 a.m.19 views

WordPress Royal Elementor Addons Plugin <= 1.3.980 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.980 Fixed in 1.3.981 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5818 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID 21750c8b6654 Credits Webbernaut Required...

6.4CVSS5.8AI score0.00248EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/07/24 12:0 a.m.2 views

WordPress plugin Royal Elementor Addons and Templates 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6AI score0.00248EPSS
Exploits0References3
OSV
OSV
added 2024/07/22 11:15 a.m.2 views

CVE-2024-38730

Server-Side Request Forgery SSRF vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41...

6.4CVSS5.8AI score0.0021EPSS
Exploits0References1
NVD
NVD
added 2024/07/22 11:15 a.m.19 views

CVE-2024-38730

Server-Side Request Forgery SSRF vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41...

6.4CVSS0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/22 10:21 a.m.15 views

CVE-2024-38730 WordPress Magical Addons For Elementor plugin <= 1.1.41 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41...

4.9CVSS7AI score0.0021EPSS
Exploits0References1
CVE
CVE
added 2024/07/22 10:21 a.m.56 views

CVE-2024-38730

CVE-2024-38730: SSRF in Magical Addons For Elementor (WordPress plugin) affects Magical Addons For Elementor versions n/a through 1.1.41. Evidence in multiple feeds links to WordPress/plugin vulnerability tracking indicates the issue is present up to 1.1.41 and has been patched in later versions....

6.4CVSS5.2AI score0.0021EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/07/22 10:21 a.m.22 views

CVE-2024-38730 WordPress Magical Addons For Elementor plugin <= 1.1.41 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41...

4.9CVSS0.0021EPSS
Exploits0References1
OSV
OSV
added 2024/07/22 10:15 a.m.3 views

CVE-2024-37244

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ninja Team Ninja Beaver Add-ons for Beaver Builder allows Stored XSS.This issue affects Ninja Beaver Add-ons for Beaver Builder: from n/a through 2.4.5...

5.4CVSS5.8AI score0.00237EPSS
Exploits0References1
NVD
NVD
added 2024/07/22 10:15 a.m.15 views

CVE-2024-37121

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...

5.9CVSS0.00276EPSS
Exploits0References1
OSV
OSV
added 2024/07/22 10:15 a.m.4 views

CVE-2024-37121

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...

4.8CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2024/07/22 9:35 a.m.22 views

CVE-2024-37121 WordPress Shortcode Addons plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...

5.9CVSS0.00276EPSS
Exploits0References1
CVE
CVE
added 2024/07/22 9:35 a.m.53 views

CVE-2024-37121

CVE-2024-37121 is a Stored XSS vulnerability in WordPress plugin Shortcode Addons (biplob018 Shortcode Addons) affecting versions up to 3.2.5. The issue is described as Improper Neutralization of Input During Web Page Generation. Public details in connected sources confirm the vulnerability vecto...

5.9CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/22 9:35 a.m.15 views

CVE-2024-37121 WordPress Shortcode Addons plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...

5.9CVSS6.8AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2024/07/22 9:15 a.m.2 views

CVE-2024-37409

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Beaver Addons PowerPack Lite for Beaver Builder allows Stored XSS.This issue affects PowerPack Lite for Beaver Builder: from n/a through 1.3.0.4...

5.4CVSS5.8AI score0.00293EPSS
Exploits0References1
NVD
NVD
added 2024/07/22 9:15 a.m.17 views

CVE-2024-37263

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThemeLooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.6...

6.5CVSS0.00261EPSS
Exploits0References1
OSV
OSV
added 2024/07/22 9:15 a.m.5 views

CVE-2024-37263

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThemeLooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.6...

5.4CVSS5.8AI score0.00261EPSS
Exploits0References1
CVE
CVE
added 2024/07/22 8:49 a.m.48 views

CVE-2024-37263

CVE-2024-37263 is a stored Cross-Site Scripting (XSS) vulnerability in WordPress plugin Enter Addons – Ultimate Template Builder for Elementor. Affected software: Enter Addons: from n/a through 2.1.6. The issue arises from improper neutralization of input during web page generation. Impact is sto...

6.5CVSS6.4AI score0.00261EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder