Lucene search
K

7293 matches found

CNNVD
CNNVD
added 2024/07/04 12:0 a.m.6 views

WordPress plugin Elementor Addons by Livemesh security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.4CVSS6.8AI score0.00345EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/04 12:0 a.m.6 views

WordPress plugin Elementor Addons by Livemesh security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.4CVSS6.1AI score0.00344EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/04 12:0 a.m.6 views

PT-2024-26965 · Livemesh · Elementor Addons

Name of the Vulnerable Software and Affected Versions: Elementor Addons by Livemesh plugin for WordPress versions up to, and including, 8.3.7 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Posts Grid widget due to insufficient input sanitization and output...

6.4CVSS6.2AI score0.00345EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/07/04 12:0 a.m.13 views

WordPress Premium Addons for Elementor Plugin <= 4.10.35 is vulnerable to Denial of Service Attack

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.35 Fixed in 4.10.36 OWASP Top 10 A4: Insecure Design Classification Denial of Service Attack CVE CVE-2024-6434 Patch priority Low CVSS severity Low 3.1 Developer LeapWorx PSID 57fda0bf6d45 Credits Muhammad Umer Adeem Yld...

4.3CVSS6.6AI score0.00581EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/04 12:0 a.m.15 views

WordPress Livemesh Addons for Elementor Plugin <= 8.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Livemesh Addons for Elementor Type Plugin Vulnerable versions = 8.4.1 Fixed in 8.4.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3638 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8c5eeeb75963 Credits Webbernaut...

6.4CVSS5.8AI score0.00344EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/04 12:0 a.m.5 views

PT-2024-26963 · Livemesh · Elementor Addons

Name of the Vulnerable Software and Affected Versions: Elementor Addons by Livemesh plugin for WordPress versions up to, and including, 8.3.7 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Marquee Text Widget, Testimonials Widget, and Testimonial Slider widgets...

6.4CVSS6.1AI score0.00344EPSS
Exploits0References6
NVD
NVD
added 2024/07/03 8:15 a.m.30 views

CVE-2024-6340

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00357EPSS
Exploits0References6
CVE
CVE
added 2024/07/03 7:32 a.m.60 views

CVE-2024-4482

CVE-2024-4482 : The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is affected by Stored Cross-Site Scripting via the Countdown widget. Root cause: insufficient input sanitization and output escaping on the user-supplied text_day...

6.4CVSS5.5AI score0.004EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/03 6:23 a.m.0 views

WordPress WS Theme Addons plugin <= 2.0.0 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin WS Theme Addons versions = 2.0.0...

7AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/03 1:9 a.m.5 views

WordPress The Plus Addons for Elementor plugin <= 5.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by wesley wcraft in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.6.1...

6.4CVSS5.5AI score0.004EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/03 1:8 a.m.5 views

WordPress Premium Addons for Elementor plugin <= 4.10.35 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by Webbernaut in WordPress Plugin Premium Addons for Elementor versions = 4.10.35...

6.4CVSS5.8AI score0.00357EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/03 12:0 a.m.3 views

WordPress WS Theme Addons Plugin <= 2.0.0 is vulnerable to Backdoor

Software WS Theme Addons Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 484368cadc2b Credits Sansec.io Required privilege Unauthenticated Published 3 July, 2024...

7.2AI score
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/07/03 12:0 a.m.2 views

WordPress plugin Premium Addons for Elementor Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS6.1AI score0.00357EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/07/03 12:0 a.m.5 views

WordPress plugin The Plus Addons for Elementor Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS6.2AI score0.004EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/07/03 12:0 a.m.10 views

WordPress Premium Addons for Elementor Plugin <= 4.10.35 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.35 Fixed in 4.10.36 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6340 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID f50506540d4a Credits Webbernaut...

6.4CVSS5.8AI score0.00357EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:13 p.m.4 views

WordPress Elementor Header & Footer Builder plugin <= 1.6.35 - Contributor+ DOM-Based Cross Site Scripting (XSS) vulnerability

Contributor+ DOM-Based Cross Site Scripting XSS vulnerability discovered by wcraft Patchstack Alliance in WordPress Plugin Ultimate Addons for Elementor - Lite versions = 1.6.35...

6.5CVSS6.1AI score0.00361EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:1 p.m.3 views

WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Beaver Builder Addons by WPZOOM versions = 1.3.5...

4.9CVSS7AI score0.00864EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/01 11:32 a.m.4 views

WordPress Ultimate Addons for elementor plugin <= 1.36.31 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Ngô Thiên An ancorn from VNPT-VCI, Phan Trong Quan - VNPT Cyber Immunity Patchstack Alliance in WordPress Plugin Ultimate Addons for Elementor versions = 1.36.31...

8.8CVSS7AI score0.00483EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/01 3:50 a.m.3 views

WordPress Happy Addons for Elementor plugin <= 3.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gradient Heading Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Gradient Heading Widget vulnerability discovered by wesley wcraft in WordPress Plugin Happy Addons for Elementor versions = 3.11.1...

6.4CVSS5.8AI score0.00332EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.8 views

WordPress Ultimate Addons for Elementor Plugin <= 1.36.31 is vulnerable to Privilege Escalation

Software Ultimate Addons for Elementor Type Plugin Vulnerable versions = 1.36.31 Fixed in 1.36.32 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-37455 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID accfb8b8dfc3 Credits Ngô...

8.8CVSS6.5AI score0.00483EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder