Lucene search
K

573 matches found

Patchstack
Patchstack
added 2025/12/12 5:57 a.m.8 views

WordPress Jobmonster Elementor Addon plugin <= 1.1.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Jobmonster Elementor Addon versions = 1.1.4...

9.8CVSS7AI score0.00385EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/10 2:23 p.m.5 views

CVE-2025-67540

Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...

6.5CVSS7AI score0.003EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.4 views

EUVD-2025-201944

Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through = 3.20.2...

4.3CVSS6.5AI score0.00239EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:18 p.m.5 views

CVE-2025-67540

Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...

6.5CVSS0.003EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:18 p.m.7 views

CVE-2025-67524

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

7.5CVSS0.00385EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:13 p.m.31 views

CVE-2025-67524 WordPress Jobmonster Elementor Addon plugin <= 1.1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

7.5CVSS0.00385EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:13 p.m.3 views

CVE-2025-67524 WordPress Jobmonster Elementor Addon plugin <= 1.1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

7.5CVSS6.7AI score0.00385EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-49916

Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...

6.5CVSS7AI score0.003EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.7 views

WordPress plugin Jobmonster Elementor Addon 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.5CVSS6.5AI score0.00385EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.5 views

PT-2025-49900

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

9.8CVSS7.1AI score0.00385EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/22 8:35 a.m.6 views

CVE-2025-13141

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gutenberg blocks in all versions up to, and including, 3.0.0 due to insufficient input validation on user-supplied HTML tag names. This is due to the lack of a tag name...

6.4CVSS5AI score0.0019EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/21 8:28 a.m.6 views

EUVD-2025-198390

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gutenberg blocks in all versions up to, and including, 3.0.0 due to insufficient input validation on user-supplied HTML tag names. This is due to the lack of a tag name...

6.4CVSS4.6AI score0.0019EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/21 12:0 a.m.10 views

PT-2025-47709

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Gutenberg blocks in all versions up to, and including, 3.0.0 due to insufficient input validation on user-supplied HTML tag names. This is due to the lack of a tag name...

6.4CVSS5AI score0.0019EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/11/20 11:41 p.m.8 views

WordPress HT Mega – Absolute Addons For Elementor plugin <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tag Attribute Injection vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Tag Attribute Injection vulnerability discovered by Abu Hurayra HurayraIIT in WordPress Plugin HT Mega versions = 3.0.0...

6.4CVSS6AI score0.0019EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/20 9:36 p.m.16 views

CVE-2025-6251

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via $item'fieldid' in all versions up to, and including, 1.7.1036 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5AI score0.00166EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/08 9:28 a.m.3 views

CVE-2025-12837 aThemes Addons for Elementor <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call To Action Widget

The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Call To Action widget in versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user-supplied values. This makes it possible for authenticated...

6.4CVSS4.6AI score0.00218EPSS
Exploits0References4
CVE
CVE
added 2025/11/05 6:0 a.m.22 views

CVE-2025-10873

CVE-2025-10873 : ElementInvader Addons for Elementor (WordPress) before 1.4.1 allows an unauthenticated user to send arbitrary emails to arbitrary addresses due to a missing authorization check on the elementinvader_addons_for_elementor_forms_send_form action. Affected plugin versions are prior t...

5.3CVSS6.6AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/28 2:38 a.m.11 views

CVE-2025-62923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Debuggers Studio Marquee Addons for Elementor marquee-addons-for-elementor allows DOM-Based XSS.This issue affects Marquee Addons for Elementor: from n/a through = 3.8.2...

6.5CVSS5.9AI score0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/23 3:13 p.m.6 views

CVE-2025-59007

Deserialization of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor tf-woo-product-grid allows Object Injection.This issue affects TF Woo Product Grid Addon For Elementor: from n/a through = 1.0.1...

9.8CVSS7AI score0.00449EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/22 3:31 p.m.7 views

EUVD-2025-35441

Deserialization of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor tf-woo-product-grid allows Object Injection.This issue affects TF Woo Product Grid Addon For Elementor: from n/a through = 1.0.1...

8.1CVSS6.5AI score0.00449EPSS
Exploits0References2
Rows per page
Query Builder