Lucene search
+L

83 matches found

NVD
NVD
added 2025/11/18 10:15 a.m.5 views

CVE-2025-13196

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Open Street Map widget's marker content parameter in all versions up to, and including, 8.3.4. This is due to insufficient input sanitization and output escaping on user-supplied...

5.4CVSS0.00164EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/18 9:27 a.m.8 views

CVE-2025-13196 Element Pack Addons for Elementor <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map widget

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Open Street Map widget's marker content parameter in all versions up to, and including, 8.3.4. This is due to insufficient input sanitization and output escaping on user-supplied...

5.4CVSS0.00164EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/11/18 4:45 a.m.7 views

WordPress Element Pack Addons for Elementor plugin <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Open Street Map widget vulnerability discovered by zer0gh0st in WordPress Plugin Element Pack Elementor Addons versions = 8.3.4...

5.4CVSS5.8AI score0.00164EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.6 views

WordPress plugin Element Pack Addons for Elementor 跨站脚本漏洞

WordPress Element Pack Addons for Elementor plugin is an extension plugin designed for Elementor page builder that provides rich feature modules and templates for creating professional web designs. The WordPress Element Pack Addons for Elementor plugin suffers from a cross-site scripting...

5.4CVSS5.8AI score0.00164EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.8 views

PT-2025-47287

Name of the Vulnerable Software and Affected Versions Element Pack Addons for Elementor plugin for WordPress versions up to and including 8.3.4 Description The Element Pack Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Open Street Map widget’s...

5.4CVSS5.2AI score0.00164EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/21 9:29 p.m.6 views

CVE-2025-11536

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wpajaximportelementortemplate action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to ma...

5CVSS5.8AI score0.00223EPSS
Exploits0References1
NVD
NVD
added 2025/10/20 10:15 p.m.7 views

CVE-2025-11536

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wpajaximportelementortemplate action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to ma...

5CVSS0.00223EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/20 9:23 p.m.5 views

CVE-2025-11536 Element Pack Addons for Elementor <= 8.2.5 - Authenticated (Subscriber+) Blind Server-Side Request Forgery

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wpajaximportelementortemplate action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to ma...

5CVSS5.5AI score0.00223EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/20 9:23 p.m.12 views

CVE-2025-11536 Element Pack Addons for Elementor <= 8.2.5 - Authenticated (Subscriber+) Blind Server-Side Request Forgery

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wpajaximportelementortemplate action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to ma...

5CVSS0.00223EPSS
Exploits0References2
CVE
CVE
added 2025/10/20 9:23 p.m.20 views

CVE-2025-11536

CVE-2025-11536 : Element Pack Addons for Elementor (WordPress)

5CVSS5.5AI score0.00223EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/20 12:0 a.m.7 views

WordPress plugin Element Pack Addons for Elementor 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A code issue...

5CVSS6.7AI score0.00223EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-15121

Malicious code in bioql PyPI...

6.4CVSS7.2AI score0.00278EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19876

Malicious code in bioql PyPI...

6.4CVSS6.3AI score0.00269EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16544

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00186EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-12496

Malicious code in bioql PyPI...

6.4CVSS7.2AI score0.0019EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-34347

Malicious code in bioql PyPI...

4.3CVSS8.7AI score0.00352EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/06 3:40 a.m.8 views

CVE-2025-8100 Element Pack Elementor Addons and Templates <= 8.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map Widget Marker Content

The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markercontent' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

5.4CVSS0.03338EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/05 8:27 a.m.12 views

CVE-2025-5944

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-caption’ attribute in all versions up to, and including, 8.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.5AI score0.00269EPSS
Exploits1References1
NVD
NVD
added 2025/07/03 5:15 a.m.6 views

CVE-2025-5944

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-caption’ attribute in all versions up to, and including, 8.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00269EPSS
Exploits1References9
OSV
OSV
added 2025/07/03 5:15 a.m.4 views

CVE-2025-5944

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-caption’ attribute in all versions up to, and including, 8.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.4CVSS5.9AI score0.00269EPSS
Exploits1References9
Rows per page
Query Builder