68 matches found
WordPress Borderless plugin <= 1.6.0 - Authenticated (Administrator+) Remote Code Execution vulnerability
Authenticated Administrator+ Remote Code Execution vulnerability discovered by WordFence in WordPress Plugin Borderless versions = 1.6.0...
CVE-2024-11600
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.5.9 via the 'writeconfig' function. This is due to a lack of sanitization on an imported JSON file. This makes it...
CVE-2024-11583
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'removezippedfont' function in all versions up to, and including, 1.5.9. This makes it possible for...
CVE-2024-11600
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.6.0 via the 'writeconfig' function. This is due to a lack of sanitization on an imported JSON file. This makes it...
CVE-2024-11583 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.9 - Missing Authorization to Icon Font Deletion
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'removezippedfont' function in all versions up to, and including, 1.5.9. This makes it possible for...
CVE-2024-11583 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.9 - Missing Authorization to Icon Font Deletion
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'removezippedfont' function in all versions up to, and including, 1.5.9. This makes it possible for...
CVE-2024-11583
CVE-2024-11583 (Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg) affects Borderless versions up to and including 1.5.9. The vulnerability is a missing capability check in the remove_zipped_font function, enabling authenticated attackers with Subscriber-level access...
WordPress plugin Borderless 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...
PT-2025-1664 · WordPress · Borderless – Widgets
Name of the Vulnerable Software and Affected Versions: Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress versions up to, and including, 1.5.9 Description: The issue is related to a missing capability check on the remove zipped font function,...
PT-2025-1665 · WordPress · Borderless – Widgets
Name of the Vulnerable Software and Affected Versions: Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress versions up to, and including, 1.5.9 Description: The issue is related to Remote Code Execution due to a lack of sanitization on an imported...
WordPress plugin Borderless 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-54211
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visualmodo Borderless borderless allows Cross-Site Scripting XSS.This issue affects Borderless: from n/a through = 1.5.8...
CVE-2024-54211
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visualmodo Borderless allows Cross-Site Scripting XSS.This issue affects Borderless: from n/a through 1.5.8...
CVE-2024-54211
CVE-2024-54211 is a Cross-Site Scripting (XSS) vulnerability affecting the WordPress plugin Borderless (Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg) version up to 1.5.8. The issue arises from improper neutralization of input during web page generation. Public references con...
CVE-2024-54211 WordPress Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visualmodo Borderless borderless allows Cross-Site Scripting XSS.This issue affects Borderless: from n/a through = 1.5.8...
WordPress plugin Borderless 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Borderless versions = 1.5.8...
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg < 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget attributes in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping. This makes it...
CVE-2024-34757
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Visualmodo Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg allows Stored XSS.This issue affects Borderless – Widgets, Elements, Templates and Toolkit for...
CVE-2024-34757
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visualmodo Borderless borderless allows DOM-Based XSS.This issue affects Borderless: from n/a through = 1.7.3...