Lucene search
K

573 matches found

Cvelist
Cvelist
added 2024/03/13 3:26 p.m.34 views

CVE-2024-1358 Elementor Addon Elements <= 1.12.12 - Directory Traversal to Local File Inclusion

The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to include the contents of arbitrary PHP files on th...

8.8CVSS8.6AI score0.01235EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.6 views

WordPress Plugin Exclusive Addons for Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.4CVSS6AI score0.00449EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.12 views

PT-2024-18032 · WordPress · Elementor Addon Elements

Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the modal popup widget's effect setting due to insufficient input sanitization and outpu...

6.4CVSS8AI score0.005EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.7 views

PT-2024-18004 · WordPress · Elementor Addon Elements

Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the button1 icon attribute of the Dual Button widget due to insufficient input...

6.4CVSS8AI score0.00509EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.6 views

WordPress Plugin Elementor Addon Elements Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.4CVSS5.8AI score0.00501EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.5 views

WordPress Plugin Premium Addons for Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.4CVSS5.8AI score0.00423EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.4 views

WordPress Plugin Elementor Addon Elements Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.4CVSS5.8AI score0.005EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.3 views

WordPress Plugin Elementor Addon Elements Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.4CVSS5.8AI score0.00501EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.3 views

WordPress Plugin Elementor Addon Elements Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.4CVSS5.8AI score0.00509EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.4 views

WordPress Plugin Elementor Addon Elements Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

8.8CVSS6.8AI score0.01235EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.12 views

PT-2024-18005 · WordPress · Elementor Addon Elements

Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the icon align attribute of the Content Switcher widget due to insufficient input...

6.4CVSS8AI score0.00501EPSS
Exploits0References7
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.18 views

Elementor Addon Elements < 1.13 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the 'button1icon' attribute of the Dual Button widget due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrar...

6.4CVSS5.7AI score0.00509EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/02/22 12:0 a.m.25 views

WordPress Elementor Addon Elements Plugin <= 1.12.12 is vulnerable to Local File Inclusion

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.12.12 Fixed in 1.13 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-1358 Patch priority Low CVSS severity Low 8.8 Developer WPVibes PSID 7c75b4731d57 Credits wesley wcraft Required privilege...

8.8CVSS6.8AI score0.01235EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/02/22 12:0 a.m.14 views

WordPress Elementor Addon Elements Plugin <= 1.12.12 is vulnerable to Cross Site Scripting (XSS)

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.12.12 Fixed in 1.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1422 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID 6fd48d0d495c Credits Webbernaut Required...

6.4CVSS5.7AI score0.005EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/02/10 12:0 a.m.5 views

WordPress Plugin Premium Addons for Elementor Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.5CVSS8.2AI score0.0032EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/02/06 12:0 a.m.15 views

WordPress Elementor Addon Elements Plugin <= 1.12.11 is vulnerable to Cross Site Scripting (XSS)

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.12.11 Fixed in 1.12.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0834 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID 65cab16f462f Credits Webbernaut Required...

6.4CVSS5.7AI score0.00531EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/02/05 10:16 p.m.22 views

CVE-2024-0834

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the linkto parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...

6.4CVSS5.8AI score0.00531EPSS
Exploits0References3
OSV
OSV
added 2024/02/05 10:16 p.m.7 views

CVE-2024-0834

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the linkto parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...

5.4CVSS6AI score0.00531EPSS
Exploits0References3
CVE
CVE
added 2024/02/05 9:21 p.m.49 views

CVE-2024-0834

CVE-2024-0834 affects the WordPress plugin Elementor Addon Elements (versions

6.4CVSS5.6AI score0.00531EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/05 9:21 p.m.16 views

CVE-2024-0834

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the linkto parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...

6.4CVSS5.8AI score0.00531EPSS
Exploits0References3
Rows per page
Query Builder