CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-34397

Malicious code in bioql PyPI...

4.3CVSS9.1AI score0.00066EPSS

Exploits0References2

CVE•added 2025/05/31 7:22 a.m.•53 views

CVE-2025-5290

CVE-2025-5290 concerns the Borderless – Elementor Addons and Templates WordPress plugin. It is a Stored Cross-Site Scripting vulnerability via the title parameter affecting all versions up to 1.7.1, enabling an authenticated attacker with Contributor+ privileges to inject scripts that execute whe...

6.4CVSS5.8AI score0.00298EPSS

Exploits0References8

RedhatCVE•added 2025/05/23 2:9 a.m.•7 views

CVE-2023-38518

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Visualmodo Borderless plugin = 1.4.8 versions...

5.9CVSS5.6AI score0.00079EPSS

Exploits0References1

OSV•added 2025/01/31 5:15 a.m.•1 views

CVE-2024-10867

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.5.9 due to insufficient input sanitization and output escaping. This makes it possible...

5.4CVSS5.9AI score0.00189EPSS

Exploits0References2

NVD•added 2025/01/31 5:15 a.m.•6 views

CVE-2024-10867

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible...

5.4CVSS0.00189EPSS

Exploits0References3

Vulnrichment•added 2025/01/31 4:21 a.m.•3 views

CVE-2024-10867 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible...

5.4CVSS7.4AI score0.00189EPSS

Exploits0References3

Cvelist•added 2025/01/31 4:21 a.m.•12 views

CVE-2024-10867 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible...

5.4CVSS0.00189EPSS

Exploits0References3

Patchstack•added 2025/01/30 3:3 p.m.•1 views

WordPress Borderless plugin <= 1.5.9 - Missing Authorization to Icon Font Deletion vulnerability

Missing Authorization to Icon Font Deletion vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Borderless versions = 1.5.9...

4.3CVSS7AI score0.00066EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/01/30 2:51 p.m.•3 views

WordPress Borderless plugin <= 1.6.0 - Authenticated (Administrator+) Remote Code Execution vulnerability

Authenticated Administrator+ Remote Code Execution vulnerability discovered by WordFence in WordPress Plugin Borderless versions = 1.6.0...

7.2CVSS7.5AI score0.00812EPSS

Exploits0References1Affected Software1

NVD•added 2025/01/30 2:15 p.m.•6 views

CVE-2024-11583

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'removezippedfont' function in all versions up to, and including, 1.5.9. This makes it possible for...

4.3CVSS0.00066EPSS

Exploits0References3

NVD•added 2025/01/30 2:15 p.m.•23 views

CVE-2024-11600

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.6.0 via the 'writeconfig' function. This is due to a lack of sanitization on an imported JSON file. This makes it...

7.2CVSS0.00812EPSS

Exploits0References5

OSV•added 2025/01/30 2:15 p.m.•0 views

CVE-2024-11600

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.5.9 via the 'writeconfig' function. This is due to a lack of sanitization on an imported JSON file. This makes it...

7.2CVSS6.1AI score

Exploits0References4

Cvelist•added 2025/01/30 1:41 p.m.•8 views

CVE-2024-11583 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.9 - Missing Authorization to Icon Font Deletion

4.3CVSS0.00066EPSS

Exploits0References3

CVE•added 2025/01/30 1:41 p.m.•37 views

CVE-2024-11583

CVE-2024-11583 (Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg) affects Borderless versions up to and including 1.5.9. The vulnerability is a missing capability check in the remove_zipped_font function, enabling authenticated attackers with Subscriber-level access...

4.3CVSS4.3AI score0.00066EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/01/30 1:41 p.m.•5 views

CVE-2024-11583 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.9 - Missing Authorization to Icon Font Deletion

4.3CVSS4.4AI score0.00066EPSS

Exploits0References3

CNNVD•added 2025/01/30 12:0 a.m.•1 views

WordPress plugin Borderless 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.1AI score0.00066EPSS

Exploits0References2

CNNVD•added 2025/01/30 12:0 a.m.•2 views

WordPress plugin Borderless 代码注入漏洞

7.2CVSS9.4AI score0.00812EPSS

Exploits0References4

CNNVD•added 2024/12/06 12:0 a.m.•1 views

WordPress plugin Borderless 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS7.8AI score0.00138EPSS

Exploits0References1

Patchstack•added 2024/12/02 3:13 p.m.•1 views

WordPress Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Borderless versions = 1.5.8...

5.9CVSS6.1AI score0.00138EPSS

Exploits0Affected Software1

WPVulnDB•added 2024/05/20 12:0 a.m.•17 views

Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg < 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget attributes in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping. This makes it...

6.5CVSS5.8AI score0.00287EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by