29 matches found
EUVD-2024-44176
Malicious code in bioql PyPI...
EUVD-2025-2997
Malicious code in bioql PyPI...
CVE-2025-57961
Missing Authorization vulnerability in Codexpert, Inc CoDesigner woolementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoDesigner: from n/a through = 4.29...
CVE-2025-57961
Missing Authorization vulnerability in Codexpert, Inc CoDesigner woolementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoDesigner: from n/a through = 4.29...
WordPress CoDesigner plugin <= 4.28.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin CoDesigner versions = 4.28.2...
CVE-2025-57961 WordPress CoDesigner plugin <= 4.29 - Broken Access Control vulnerability
Missing Authorization vulnerability in Codexpert, Inc CoDesigner woolementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoDesigner: from n/a through = 4.29...
CVE-2025-57961 WordPress CoDesigner plugin <= 4.29 - Broken Access Control vulnerability
Missing Authorization vulnerability in Codexpert, Inc CoDesigner woolementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoDesigner: from n/a through = 4.29...
CVE-2025-57961
CVE-2025-57961 affects CoDesigner (CoDesigner – All in One Elementor WooCommerce Builder) with Missing Authorization. According to connected Wordfence data, the vulnerability applies to CoDesigner versions up to 4.26 and is currently unpatched. The Initial Description lists the CVE as a Missing A...
PT-2025-38811
Name of the Vulnerable Software and Affected Versions Codexpert, Inc CoDesigner versions through 4.25.2 Description An authorization issue exists in Codexpert, Inc CoDesigner due to incorrectly configured access control security levels. This allows exploitation of the system. Recommendations Upda...
WordPress plugin CoDesigner 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
CVE-2025-22788
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codexpert, Inc CoDesigner woolementor allows Stored XSS.This issue affects CoDesigner: from n/a through = 4.29...
CVE-2024-4371
The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recentlyviewedproducts cookie. This makes it...
CVE-2025-22788
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codexpert, Inc CoDesigner woolementor allows Stored XSS.This issue affects CoDesigner: from n/a through = 4.29...
CVE-2025-22788
CVE-2025-22788 affects the WordPress plugin CoDesigner – All in One Elementor WooCommerce Builder (Codexpert, Inc) with a Stored Cross-Site Scripting (XSS) vulnerability due to improper input neutralization during web page generation. Affected: CoDesigner WooCommerce Builder for Elementor version...
CVE-2025-22788 WordPress CoDesigner plugin <= 4.7.17.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codexpert, Inc CoDesigner WooCommerce Builder for Elementor allows Stored XSS.This issue affects CoDesigner WooCommerce Builder for Elementor: from n/a through 4.7.17.2...
CVE-2025-22788 WordPress CoDesigner plugin <= 4.29 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codexpert, Inc CoDesigner woolementor allows Stored XSS.This issue affects CoDesigner: from n/a through = 4.29...
WordPress CoDesigner plugin <= 4.28.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Robert DeVore in WordPress Plugin CoDesigner versions = 4.28.2...
WordPress CoDesigner plugin <= 4.4.1 - Unauthenticated PHP Object Injection vulnerability
Unauthenticated PHP Object Injection vulnerability discovered by Francesco Carlucci in WordPress Plugin CoDesigner versions = 4.4.1...
CVE-2024-4371
CVE-2024-4371 applies to the WordPress plugin “CoDesigner – Elementor Addon for WooCommerce” (CoDesigner WooCommerce Builder for Elementor). It describes an unauthenticated PHP Object Injection in versions up to 4.4.1 caused by deserialization of untrusted input from the recently_viewed_products ...
CVE-2024-4371 CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More <= 4.4.1 - Unauthenticated PHP Object Injection
The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recentlyviewedproducts cookie. This makes it...