19 matches found
EUVD-2024-49429
Malicious code in bioql PyPI...
WordPress Sky Addons for Elementor plugin <= 2.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Content Switcher Widget Elementor Template vulnerability
Authenticated Contributor+ Sensitive Information Exposure via Content Switcher Widget Elementor Template vulnerability discovered by Nishiv in WordPress Plugin Sky Addons for Elementor versions = 2.6.1...
CVE-2024-9542
The Sky Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.1 via the render function in modules/content-switcher/widgets/content-switcher.php. This makes it possible for authenticated attackers, with Contributor-leve...
CVE-2024-10316
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.4 in includes/templates/content-switcher.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract...
CVE-2024-10316
CVE-2024-10316 involves the Stratum – Elementor Widgets WordPress plugin. The vulnerability affects all versions up to and including 1.4.4 and resides in includes/templates/content-switcher.php, enabling authenticated attackers with Contributor+ privileges to exfiltrate sensitive template data (p...
CVE-2024-9542
The CVE-2024-9542 entry concerns the WordPress plugin Sky Addons for Elementor. The vulnerability exists in all versions up to and including 2.6.1 and is triggered by the render function in modules/content-switcher/widgets/content-switcher.php. It permits authenticated attackers with Contributor-...
CVE-2024-8801
The Happy Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.12.2 via the Content Switcher widget. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data...
CVE-2024-8801
The Happy Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.12.2 via the Content Switcher widget. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data...
PT-2024-39266 · WordPress · Happy Addons For Elementor
Name of the Vulnerable Software and Affected Versions: The Happy Addons for Elementor plugin for WordPress versions up to, and including, 3.12.2 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive data, including private, draft, and...
CVE-2024-3743
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. Th...
CVE-2024-3743 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. Th...
CVE-2024-3743 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. Th...
CVE-2024-1393
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'iconalign' attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-1393
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'iconalign' attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for...
Cross site scripting
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'iconalign' attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-1393 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Switcher Widget
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'iconalign' attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-1393
Elementor Addon Elements for WordPress has Stored XSS via the Content Switcher widget (icon_align) in all versions up to 1.12.12. Root cause: insufficient input sanitization and output escaping. Affected: plugin versions
WordPress Plugin Elementor Addon Elements Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2024-18005 · WordPress · Elementor Addon Elements
Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the icon align attribute of the Content Switcher widget due to insufficient input...