7270 matches found
CVE-2026-32372
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder allows Retrieve Embedded Sensitive Data.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through =...
CVE-2026-32460
CVE-2026-32460 concerns the WordPress plugin Themefic Ultimate Addons for Contact Form 7, affected up to version 3.5.36. The vulnerability is described as Cross-Site Scripting (XSS) due to improper neutralization of input during web page generation, enabling exploitation via configured access con...
CVE-2026-32460
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact...
CVE-2026-32460 WordPress Ultimate Addons for Contact Form 7 plugin <= 3.5.36 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact...
CVE-2026-32462 WordPress Master Addons for Elementor plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liton Arefin Master Addons for Elementor master-addons allows DOM-Based XSS.This issue affects Master Addons for Elementor: from n/a through = 2.1.3...
CVE-2026-32462
CVE-2026-32462 affects Master Addons for Elementor (Master Addons) up to version 2.1.3. Root cause: improper input neutralization during web page generation enabling DOM-based XSS. Impact: authenticated users (Author+) could trigger stored cross-site scripting in the plugin code. Remediation: upd...
CVE-2026-32462
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liton Arefin Master Addons for Elementor master-addons allows DOM-Based XSS.This issue affects Master Addons for Elementor: from n/a through = 2.1.3...
CVE-2026-32457
CVE-2026-32457 concerns a "Missing Authorization" (Broken Access Control) vulnerability in the WordPress plugin Advanced Product Fields (Product Addons) for WooCommerce . Affected versions are from n/a through
CVE-2026-32457
Missing Authorization vulnerability in Wombat Plugins Advanced Product Fields Product Addons for WooCommerce advanced-product-fields-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Product Fields Product Addons for WooCommerce:...
CVE-2026-32457 WordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.18 - Broken Access Control vulnerability
Missing Authorization vulnerability in Wombat Plugins Advanced Product Fields Product Addons for WooCommerce advanced-product-fields-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Product Fields Product Addons for WooCommerce:...
CVE-2026-32430 WordPress PowerPack Addons for Elementor plugin <= 2.9.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IdeaBox Creations PowerPack Addons for Elementor powerpack-lite-for-elementor allows Stored XSS.This issue affects PowerPack Addons for Elementor: from n/a through = 2.9.9...
CVE-2026-32429 WordPress Magical Addons For Elementor plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through = 1.4.1...
CVE-2026-32430
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IdeaBox Creations PowerPack Addons for Elementor powerpack-lite-for-elementor allows Stored XSS.This issue affects PowerPack Addons for Elementor: from n/a through = 2.9.9...
CVE-2026-32430 WordPress PowerPack Addons for Elementor plugin <= 2.9.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IdeaBox Creations PowerPack Addons for Elementor powerpack-lite-for-elementor allows Stored XSS.This issue affects PowerPack Addons for Elementor: from n/a through = 2.9.9...
CVE-2026-32429
The CVE-2026-32429 entry concerns the WordPress plugin Magical Addons For Elementor (magical-addons-for-elementor)
CVE-2026-32430
PowerPack Addons for Elementor (powerpack-lite-for-elementor)
CVE-2026-32429 WordPress Magical Addons For Elementor plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through = 1.4.1...
CVE-2026-32395
The CVE affects WordPress Xpro Addons For Beaver Builder – Lite (xpro-addons-beaver-builder-elementor) with versions up to and including 1.5.6. It describes a Missing Authorization vulnerability that enables Exploiting Incorrectly Configured Access Control Security Levels, i.e., a broken access c...
CVE-2026-32395 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.6...
CVE-2026-32395
Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.6...