7293 matches found
WordPress plugin Elementor Addons by Livemesh security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress plugin Elementor Addons by Livemesh security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2024-26965 · Livemesh · Elementor Addons
Name of the Vulnerable Software and Affected Versions: Elementor Addons by Livemesh plugin for WordPress versions up to, and including, 8.3.7 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Posts Grid widget due to insufficient input sanitization and output...
WordPress Premium Addons for Elementor Plugin <= 4.10.35 is vulnerable to Denial of Service Attack
Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.35 Fixed in 4.10.36 OWASP Top 10 A4: Insecure Design Classification Denial of Service Attack CVE CVE-2024-6434 Patch priority Low CVSS severity Low 3.1 Developer LeapWorx PSID 57fda0bf6d45 Credits Muhammad Umer Adeem Yld...
WordPress Livemesh Addons for Elementor Plugin <= 8.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Livemesh Addons for Elementor Type Plugin Vulnerable versions = 8.4.1 Fixed in 8.4.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3638 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8c5eeeb75963 Credits Webbernaut...
PT-2024-26963 · Livemesh · Elementor Addons
Name of the Vulnerable Software and Affected Versions: Elementor Addons by Livemesh plugin for WordPress versions up to, and including, 8.3.7 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Marquee Text Widget, Testimonials Widget, and Testimonial Slider widgets...
CVE-2024-6340
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-4482
CVE-2024-4482 : The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is affected by Stored Cross-Site Scripting via the Countdown widget. Root cause: insufficient input sanitization and output escaping on the user-supplied text_day...
WordPress WS Theme Addons plugin <= 2.0.0 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin WS Theme Addons versions = 2.0.0...
WordPress The Plus Addons for Elementor plugin <= 5.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by wesley wcraft in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.6.1...
WordPress Premium Addons for Elementor plugin <= 4.10.35 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by Webbernaut in WordPress Plugin Premium Addons for Elementor versions = 4.10.35...
WordPress WS Theme Addons Plugin <= 2.0.0 is vulnerable to Backdoor
Software WS Theme Addons Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 484368cadc2b Credits Sansec.io Required privilege Unauthenticated Published 3 July, 2024...
WordPress plugin Premium Addons for Elementor Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress plugin The Plus Addons for Elementor Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Premium Addons for Elementor Plugin <= 4.10.35 is vulnerable to Cross Site Scripting (XSS)
Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.35 Fixed in 4.10.36 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6340 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID f50506540d4a Credits Webbernaut...
WordPress Elementor Header & Footer Builder plugin <= 1.6.35 - Contributor+ DOM-Based Cross Site Scripting (XSS) vulnerability
Contributor+ DOM-Based Cross Site Scripting XSS vulnerability discovered by wcraft Patchstack Alliance in WordPress Plugin Ultimate Addons for Elementor - Lite versions = 1.6.35...
WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Beaver Builder Addons by WPZOOM versions = 1.3.5...
WordPress Ultimate Addons for elementor plugin <= 1.36.31 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Ngô Thiên An ancorn from VNPT-VCI, Phan Trong Quan - VNPT Cyber Immunity Patchstack Alliance in WordPress Plugin Ultimate Addons for Elementor versions = 1.36.31...
WordPress Happy Addons for Elementor plugin <= 3.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gradient Heading Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Gradient Heading Widget vulnerability discovered by wesley wcraft in WordPress Plugin Happy Addons for Elementor versions = 3.11.1...
WordPress Ultimate Addons for Elementor Plugin <= 1.36.31 is vulnerable to Privilege Escalation
Software Ultimate Addons for Elementor Type Plugin Vulnerable versions = 1.36.31 Fixed in 1.36.32 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-37455 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID accfb8b8dfc3 Credits Ngô...