7293 matches found
PT-2024-33162 · WordPress · Wpbits Addons For Elementor Page Builder
Name of the Vulnerable Software and Affected Versions: WPBITS Addons For Elementor Page Builder plugin for WordPress versions up to, and including, 1.5 Description: The issue is related to Stored Cross-Site Scripting via several widgets due to insufficient input sanitization and output escaping o...
PT-2024-27530 · Beaver Builder · Beaver Addons Powerpack Lite
Name of the Vulnerable Software and Affected Versions: Beaver Addons PowerPack Lite for Beaver Builder versions 1.3.0.3 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a Path Traversal vulnerability. This vulnerability...
WordPress plugin Ultimate Addons for Elementor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-37426 · WordPress · Unlimited Elements For Elementor
Name of the Vulnerable Software and Affected Versions: The Unlimited Elements For Elementor plugin for WordPress versions up to, and including, 1.5.112 Description: The issue is related to time-based SQL Injection via the addons order parameter due to insufficient escaping on the user-supplied...
CVE-2024-37547
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Livemesh Livemesh Addons for Elementor.This issue affects Livemesh Addons for Elementor: from n/a through 8.4.0...
CVE-2024-37547
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Livemesh Livemesh Addons for Elementor.This issue affects Livemesh Addons for Elementor: from n/a through 8.4.0...
CVE-2024-37547
CVE-2024-37547 is a Local File Inclusion path-traversal vulnerability in the WordPress plugin Livemesh Addons for Elementor (versions up to and including 8.4.0). The underlying issue is an improper limitation of a pathname to a restricted directory. Affected product versions are
WordPress Elementor Addons by Livemesh plugin <= 8.4.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Livemesh Addons for Elementor versions = 8.4.0...
CVE-2024-37541
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax allows Stored XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through 1.4.4.1...
CVE-2024-37541
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax stax-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through = 1.5....
CVE-2024-37541
CVE-2024-37541 concerns a stored XSS in the WordPress plugin package “Stax” (Elementor Addons, Widgets and Enhancements – Stax) for WordPress. The issue stems from improper neutralization of input during web page generation, affecting Stax versions up to 1.4.4.1 (inclusive). The available connect...
CVE-2024-37541 WordPress Elementor Addons, Widgets and Enhancements – Stax plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax stax-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through = 1.5....
WordPress Elementor Addons, Widgets and Enhancements – Stax plugin <= 1.4.4.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Elementor Addons, Widgets and Enhancements – Stax versions = 1.4.4.1...
WordPress Livemesh Addons for Elementor Plugin <= 8.4.0 is vulnerable to Local File Inclusion
Software Livemesh Addons for Elementor Type Plugin Vulnerable versions = 8.4.0 Fixed in 8.4.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-37547 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 715158a91b13 Credits Ngô Thiên An ancorn from...
WordPress plugin Livemesh Addons for Elementor Path Traversal Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
PT-2024-27639 · Unknown · Elementor Addons
Name of the Vulnerable Software and Affected Versions: Elementor Addons, Widgets and Enhancements – Stax versions 1.4.4.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XS...
WordPress plugin Elementor Addons, Widgets and Enhancements - Stax Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2024-27644 · Unknown · Livemesh Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Livemesh Addons for Elementor versions 8.4.0 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This vulnerability affects Livemesh...
CVE-2024-6434
The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service ReDoS in all versions up to, and including, 4.10.35. This is due to processing user-supplied input as a regular expression. This makes it possible for authenticated attackers, with...
CVE-2024-6434 Premium Addons for Elementor <= 4.10.35 - Regular Expressions Denial of Service
The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service ReDoS in all versions up to, and including, 4.10.35. This is due to processing user-supplied input as a regular expression. This makes it possible for authenticated attackers, with...