EUVD-2024-33296

Malicious code in bioql PyPI...

CVE-2024-12116

The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.2 via the 'uta-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...

CVE-2024-10796

The If-So Dynamic Content Personalization plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.2.1 via the 'ifso-show-post' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers...

CVE-2025-31529

Missing Authorization vulnerability in Rashid Slider Path for Elementor slider-path allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider Path for Elementor: from n/a through = 3.0.0...

CVE-2025-31529

CVE-2025-31529: Missing Authorization in Rashid Slider Path for Elementor affects Slider Path for Elementor up to version 3.0.0. Impact per CVSS 3.1: Network access, Privileges Required: Low, User Interaction: None, Confidentiality: None, Integrity: Low, Availability: None. Affected software is t...

CVE-2024-13841

The Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via the 'bse-elementor-template' shortcode due to insufficient restrictions on which posts can be included. This...

PT-2024-16464 · WordPress · Xltab

Name of the Vulnerable Software and Affected Versions: XLTab – Accordions and Tabs for Elementor Page Builder plugin for WordPress versions up to, and including, 1.4 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private or draft...