CVE-2026-5193

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.5.13. This is due to insufficient role validation in the 'registeruser' function, which only blocks the 'administrator' rol...

WordPress plugin Essential Addons for Elementor – Popular Elementor Templates & Widgets 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

WordPress RomethemeKit For Elementor plugin <= 1.5.2 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates vulnerability

Authenticated Contributor+ Sensitive Information Exposure via Elementor Templates vulnerability discovered by Ankit Patel in WordPress Plugin RTMKit versions = 1.5.2...

EUVD-2025-163776

Missing Authorization vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPKoi Templates for Elementor: from n/a through = 3.4.4...

CVE-2025-64274

Missing Authorization vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPKoi Templates for Elementor: from n/a through = 3.4.4...

EUVD-2024-44067

Malicious code in bioql PyPI...

EUVD-2024-42894

Malicious code in bioql PyPI...

EUVD-2024-49429

Malicious code in bioql PyPI...

EUVD-2024-31276

Malicious code in bioql PyPI...

EUVD-2024-27914

Malicious code in bioql PyPI...

EUVD-2024-35220

Malicious code in bioql PyPI...

EUVD-2024-52373

Malicious code in bioql PyPI...

EUVD-2024-45484

Malicious code in bioql PyPI...

EUVD-2024-17284

Malicious code in bioql PyPI...

EUVD-2024-32569

Malicious code in bioql PyPI...

PT-2025-38849

Name of the Vulnerable Software and Affected Versions WPKoi Templates for Elementor versions through 3.4.1 Description A flaw exists in WPKoi Templates for Elementor that allows for DOM-Based Cross-site Scripting XSS. This issue arises from improper neutralization of input during web page...

CVE-2025-6253 UiCore Elements <= 1.3.0 - Missing Authorization to Unauthenticated Arbitrary File Read

The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.3.0 via the preparetemplate function due to a missing capability check and insufficient controls on the filename specified. This makes it...

PT-2025-32628 · WordPress · Uicore Elements

Name of the Vulnerable Software and Affected Versions: UiCore Elements – Free Elementor widgets and templates for WordPress versions up to and including 1.3.0 Description: The plugin is susceptible to arbitrary file reading via the prepare template function. This is due to a missing capability...

CVE-2024-48022

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SysBasics Shortcode For Elementor Templates allows Stored XSS.This issue affects Shortcode For Elementor Templates: from n/a through 1.0.0...

CVE-2024-35167

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooCommerce: from n/a through 1.4.8...