Lucene search
K

7293 matches found

Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.3 views

PT-2024-33162 · WordPress · Wpbits Addons For Elementor Page Builder

Name of the Vulnerable Software and Affected Versions: WPBITS Addons For Elementor Page Builder plugin for WordPress versions up to, and including, 1.5 Description: The issue is related to Stored Cross-Site Scripting via several widgets due to insufficient input sanitization and output escaping o...

6.4CVSS6AI score0.00498EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.6 views

PT-2024-27530 · Beaver Builder · Beaver Addons Powerpack Lite

Name of the Vulnerable Software and Affected Versions: Beaver Addons PowerPack Lite for Beaver Builder versions 1.3.0.3 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a Path Traversal vulnerability. This vulnerability...

7.2CVSS7AI score0.00557EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.6 views

WordPress plugin Ultimate Addons for Elementor security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.9AI score0.00483EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/08 12:0 a.m.3 views

PT-2024-37426 · WordPress · Unlimited Elements For Elementor

Name of the Vulnerable Software and Affected Versions: The Unlimited Elements For Elementor plugin for WordPress versions up to, and including, 1.5.112 Description: The issue is related to time-based SQL Injection via the addons order parameter due to insufficient escaping on the user-supplied...

8.8CVSS7.3AI score0.00502EPSS
Exploits0References10
OSV
OSV
added 2024/07/06 3:15 p.m.3 views

CVE-2024-37547

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Livemesh Livemesh Addons for Elementor.This issue affects Livemesh Addons for Elementor: from n/a through 8.4.0...

6.5CVSS5.8AI score0.00519EPSS
Exploits0References1
NVD
NVD
added 2024/07/06 3:15 p.m.25 views

CVE-2024-37547

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Livemesh Livemesh Addons for Elementor.This issue affects Livemesh Addons for Elementor: from n/a through 8.4.0...

6.5CVSS0.00519EPSS
Exploits0References1
CVE
CVE
added 2024/07/06 2:39 p.m.54 views

CVE-2024-37547

CVE-2024-37547 is a Local File Inclusion path-traversal vulnerability in the WordPress plugin Livemesh Addons for Elementor (versions up to and including 8.4.0). The underlying issue is an improper limitation of a pathname to a restricted directory. Affected product versions are

6.5CVSS6.5AI score0.00519EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/06 2:35 p.m.5 views

WordPress Elementor Addons by Livemesh plugin <= 8.4.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Livemesh Addons for Elementor versions = 8.4.0...

6.5CVSS7AI score0.00519EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/07/06 1:15 p.m.3 views

CVE-2024-37541

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax allows Stored XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through 1.4.4.1...

5.4CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2024/07/06 1:15 p.m.36 views

CVE-2024-37541

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax stax-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through = 1.5....

6.5CVSS0.00242EPSS
Exploits0References2
CVE
CVE
added 2024/07/06 12:33 p.m.50 views

CVE-2024-37541

CVE-2024-37541 concerns a stored XSS in the WordPress plugin package “Stax” (Elementor Addons, Widgets and Enhancements – Stax) for WordPress. The issue stems from improper neutralization of input during web page generation, affecting Stax versions up to 1.4.4.1 (inclusive). The available connect...

6.5CVSS5.9AI score0.00242EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/07/06 12:33 p.m.32 views

CVE-2024-37541 WordPress Elementor Addons, Widgets and Enhancements – Stax plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax stax-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through = 1.5....

6.5CVSS0.00242EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/06 12:31 p.m.5 views

WordPress Elementor Addons, Widgets and Enhancements – Stax plugin <= 1.4.4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Elementor Addons, Widgets and Enhancements – Stax versions = 1.4.4.1...

6.5CVSS6.1AI score0.00242EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/06 12:0 a.m.16 views

WordPress Livemesh Addons for Elementor Plugin <= 8.4.0 is vulnerable to Local File Inclusion

Software Livemesh Addons for Elementor Type Plugin Vulnerable versions = 8.4.0 Fixed in 8.4.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-37547 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 715158a91b13 Credits Ngô Thiên An ancorn from...

6.5CVSS6.9AI score0.00519EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/07/06 12:0 a.m.4 views

WordPress plugin Livemesh Addons for Elementor Path Traversal Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

6.5CVSS6.7AI score0.00519EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/06 12:0 a.m.5 views

PT-2024-27639 · Unknown · Elementor Addons

Name of the Vulnerable Software and Affected Versions: Elementor Addons, Widgets and Enhancements – Stax versions 1.4.4.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XS...

6.5CVSS6.3AI score0.00242EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/07/06 12:0 a.m.4 views

WordPress plugin Elementor Addons, Widgets and Enhancements - Stax Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.5CVSS6.2AI score0.00242EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/06 12:0 a.m.6 views

PT-2024-27644 · Unknown · Livemesh Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Livemesh Addons for Elementor versions 8.4.0 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This vulnerability affects Livemesh...

6.5CVSS6AI score0.00519EPSS
Exploits0References9
OSV
OSV
added 2024/07/04 9:15 a.m.4 views

CVE-2024-6434

The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service ReDoS in all versions up to, and including, 4.10.35. This is due to processing user-supplied input as a regular expression. This makes it possible for authenticated attackers, with...

4.3CVSS5.8AI score0.00581EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/04 8:32 a.m.24 views

CVE-2024-6434 Premium Addons for Elementor <= 4.10.35 - Regular Expressions Denial of Service

The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service ReDoS in all versions up to, and including, 4.10.35. This is due to processing user-supplied input as a regular expression. This makes it possible for authenticated attackers, with...

3.1CVSS0.00581EPSS
Exploits0References3
Rows per page
Query Builder