CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.6.4...

6.5CVSS6.8AI score0.0024EPSS

Exploits0

RedhatCVE•added 2025/05/23 10:39 a.m.•3 views

CVE-2024-47629

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through = 2.0.5...

6.5CVSS5.9AI score0.00237EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:26 a.m.•7 views

CVE-2024-4606

Deserialization of Untrusted Data vulnerability in BdThemes Ultimate Store Kit Elementor Addons.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.0.3...

5.4CVSS6.9AI score0.00332EPSS

Exploits0

RedhatCVE•added 2025/05/23 7:40 a.m.•7 views

CVE-2024-31357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.5.2...

6.5CVSS5.2AI score0.00357EPSS

Exploits0References1

RedhatCVE•added 2025/04/25 3:47 p.m.•3 views

CVE-2025-39588

Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Object Injection.This issue affects Ultimate Store Kit Elementor Addons: from n/a through = 2.4.0...

9.8CVSS7.2AI score0.00408EPSS

Exploits0References1

CVE•added 2025/01/27 1:59 p.m.•46 views

CVE-2025-24584

CVE-2025-24584 is a Missing Authorization vulnerability in BdThemes Ultimate Store Kit Elementor Addons (affected: versions up to 2.3.0). The issue arises from incorrectly configured access control security levels, enabling unauthorized access to restricted areas. The CVSS v3.1 vector (AV:N/AC:L/...

4.3CVSS7.2AI score0.00229EPSS

Exploits0References1

Positive Technologies•added 2025/01/27 12:0 a.m.•3 views

PT-2025-5422 · Elementor · Bdthemes Ultimate Store Kit Elementor Addons

Name of the Vulnerable Software and Affected Versions: BdThemes Ultimate Store Kit Elementor Addons versions n/a through 2.3.0 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations...

4.3CVSS9.4AI score0.00229EPSS

Exploits0References4

NVD•added 2024/10/05 2:15 p.m.•11 views

CVE-2024-47629

6.5CVSS0.00237EPSS

Exploits0References1

CVE•added 2024/10/05 1:21 p.m.•40 views

CVE-2024-47629

CVE-2024-47629 describes a Stored Cross-Site Scripting (XSS) vulnerability in BdThemes Ultimate Store Kit Elementor Addons (and related bundles) affecting versions up to 2.0.5. The root cause is improper input neutralization during web page generation. CVSS 3.1/6.5 (Medium) with network attack ve...

6.5CVSS5.9AI score0.00237EPSS

Exploits0References1

NVD•added 2024/08/18 2:15 p.m.•22 views

CVE-2024-43342

6.5CVSS0.0024EPSS

Exploits0References1

CVE•added 2024/05/09 11:59 a.m.•26 views

CVE-2024-4606

Deserialization of Untrusted Data in BdThemes Ultimate Store Kit Elementor Addons CVE-2024-4606 affects Ultimate Store Kit Elementor Addons and related bundles (WordPress plugins) up to version 2.0.3. Root cause: PHP object deserialization in the plugin, leading to potential arbitrary PHP object ...

5.4CVSS5.9AI score0.00332EPSS

Exploits0References1

NVD•added 2024/04/08 9:15 a.m.•16 views

CVE-2024-31357

6.5CVSS6.4AI score0.00357EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by