WordPress The Plus Addons for Elementor plugin <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Age Gate vulnerability discovered by Phuoc Pham p3tl0v3r - VNPT Cyber Immunity in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.4.2...

EUVD-2021-23477

Malware in sbrugna...

EUVD-2024-46348

Malicious code in bioql PyPI...

EUVD-2024-50173

Malicious code in bioql PyPI...

EUVD-2024-27729

Malicious code in bioql PyPI...

EUVD-2025-10645

Malicious code in bioql PyPI...

CVE-2024-9868

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate Widget 'url' parameter in all versions up to, and including, 5.10.1 due to insufficient input sanitization a...

CVE-2024-0438

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wrapper link parameter in the Age Gate in all versions up to, and including, 3.10.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacke...

CVE-2025-31012

Missing Authorization vulnerability in Phil Age Gate age-gate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Age Gate: from n/a through = 3.5.4...

CVE-2025-31012

Missing Authorization vulnerability in Phil Age Gate age-gate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Age Gate: from n/a through = 3.5.4...

CVE-2025-31012 WordPress Age Gate plugin <= 3.5.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Phil Age Gate age-gate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Age Gate: from n/a through = 3.5.4...

CVE-2025-31012

CVE-2025-31012 describes a Missing Authorization vulnerability in the WordPress plugin “Age Gate,” affecting versions up to 3.5.4. The root cause is missing authorization checks, allowing access to functionality unconstrained by ACLs. The Wordfence vulnerability entry confirms this issue and note...

CVE-2025-31012 WordPress Age Gate plugin <= 3.5.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Phil Age Gate age-gate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Age Gate: from n/a through = 3.5.4...

PT-2025-15726 · Unknown · Phil Age Gate

Name of the Vulnerable Software and Affected Versions: Phil Age Gate versions n/a through 3.5.4 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For Phil Age Gate versions n/a throug...

WordPress plugin Age Gate 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-2505

The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in those...

CVE-2025-2505

The CVE-2025-2505 entry concerns the WordPress Age Gate plugin, affected versions up to and including 3.5.3. A local PHP file inclusion via the lang parameter allows unauthenticated attackers to include and execute arbitrary PHP files on the server, potentially bypassing access controls and expos...

CVE-2025-2505 Age Gate <= 3.5.3 - Unauthenticated Local PHP File Inclusion via 'lang'

The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in those...

CVE-2025-2505 Age Gate <= 3.5.3 - Unauthenticated Local PHP File Inclusion via 'lang'

The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in those...

PT-2025-12016

Name of the Vulnerable Software and Affected Versions: Age Gate plugin for WordPress versions up to, and including, 3.5.3 Description: The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion via the lang parameter. This allows unauthenticated attackers to include and execute...