CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2025/11/18 9:27 a.m.•12 views

CVE-2025-13196

CVE-2025-13196 (Element Pack Addons for Elementor, WordPress) The vulnerability is a Stored Cross-Site Scripting flaw in the Open Street Map widget’s marker content parameter, affecting all versions up to 8.3.4. Authentication is required (contributors or higher) to inject scripts that execute fo...

5.4CVSS4.7AI score0.00143EPSS

Vulnrichment•added 2025/11/18 9:27 a.m.•0 views

CVE-2025-13196 Element Pack Addons for Elementor <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map widget

5.4CVSS4.7AI score0.00143EPSS

Cvelist•added 2025/11/18 9:27 a.m.•5 views

CVE-2025-13196 Element Pack Addons for Elementor <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map widget

5.4CVSS0.00143EPSS

Patchstack•added 2025/11/18 4:45 a.m.•4 views

WordPress Element Pack Addons for Elementor plugin <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Open Street Map widget vulnerability discovered by zer0gh0st in WordPress Plugin Element Pack Elementor Addons versions = 8.3.4...

5.4CVSS5.8AI score0.00143EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/11/18 12:0 a.m.•3 views

PT-2025-47287

Name of the Vulnerable Software and Affected Versions Element Pack Addons for Elementor plugin for WordPress versions up to and including 8.3.4 Description The Element Pack Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Open Street Map widget’s...

5.4CVSS5.2AI score0.00143EPSS

Exploits0References5

CNNVD•added 2025/11/18 12:0 a.m.•2 views

WordPress plugin Element Pack Addons for Elementor 跨站脚本漏洞

WordPress Element Pack Addons for Elementor plugin is an extension plugin designed for Elementor page builder that provides rich feature modules and templates for creating professional web designs. The WordPress Element Pack Addons for Elementor plugin suffers from a cross-site scripting...

5.4CVSS5.8AI score0.00143EPSS

CNNVD•added 2025/11/14 12:0 a.m.•4 views

Sony NCP-HG100 操作系统命令注入漏洞

The Sony NCP-HG100 is a webcam from Sony Japan. An operating system command injection vulnerability exists in Sony NCP-HG100 version 1.4.48.16 and earlier, which stems from improper neutralization of a special element and can lead to remote command execution...

8.6CVSS7.4AI score0.01124EPSS

Exploits0References3

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-175914

Malicious code in transform-blitz-element-ui-helios npm...

EUVD•added 2025/11/13 3:23 a.m.•3 views

EUVD-2025-179075

Malicious code in eridanus-geochronology-element-ui-io npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-180054

Malicious code in biosignature-enif-element-ui-biohacking npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•3 views

Malicious code in eclipse-ursa-element-ui-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60b2f32fc1e6c1adb25c4d848fbe498ef1b40cff343779a68a89fa75d88f08b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-176095

Malicious code in supervisor-cosmology-element-ui-rigel npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-175966

Malicious code in thermochronology-gravity-commitlint-element-ui npm...