Lucene search
+L

76 matches found

NVD
NVD
added 2026/01/22 5:16 p.m.6 views

CVE-2025-68046

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...

6.5CVSS0.00355EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.3 views

CVE-2025-68046 WordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...

5.9AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.20 views

CVE-2025-68046 WordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...

6.5CVSS0.00355EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.5 views

CVE-2025-68046

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...

6.5CVSS5.4AI score0.00355EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.7 views

WordPress plugin Contact Form & Lead Form Elementor Builder has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

6.5CVSS5.8AI score0.00355EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.6 views

PT-2026-4070

Name of the Vulnerable Software and Affected Versions ThemeHunk Contact Form & Lead Form Elementor Builder versions through 2.0.1 Description A flaw exists in ThemeHunk Contact Form & Lead Form Elementor Builder that could allow retrieval of embedded sensitive data. The issue is related to the...

5.3AI score0.00355EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/20 10:33 a.m.7 views

WordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by benzdeus in WordPress Plugin Contact Form & Lead Form Elementor Builder versions = 2.0.1...

6.5CVSS5.4AI score0.00355EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:53 a.m.7 views

CVE-2022-23180

The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.7.4 doesn't have authorisation and nonce checks, which could allow any authenticated users, such as subscriber to update and change various settings...

4.3CVSS6.6AI score0.0053EPSS
Exploits2References1
NVD
NVD
added 2025/12/09 4:18 p.m.21 views

CVE-2025-67588

Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through = 3.33.0...

4.3CVSS0.00167EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/03 12:29 p.m.6 views

EUVD-2025-200980

The ShopEngine Elementor WooCommerce Builder Addon plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.5. This is due to missing nonce validation on the "postaddtolist" function as well as an incorrect permissions callback in the "Api/init"...

4.3CVSS5AI score0.00106EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-19732

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-28270

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00536EPSS
Exploits2References1
CNVD
CNVD
added 2025/06/17 12:0 a.m.6 views

WordPress Elementor Website Builder Pro plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Elementor Website Builder Pro plugin that stems from insufficient input cleanup and output escaping of the buttontex...

6.4CVSS6.4AI score0.00169EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.8 views

WordPress plugin Elementor Website Builder Pro 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Elementor Website Builder Pro plugin that stems from insufficient input cleanup and output escaping of the buttontex...

6.4CVSS5.8AI score0.00169EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.5 views

WordPress plugin The Plus Addons for Elementor Page Builder Lite 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin The Plus...

6.5CVSS5.9AI score0.00169EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:4 p.m.9 views

CVE-2021-24967

The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.6.4 does not sanitise and escape some lead values, which could allow unauthenticated users to perform Cross-Site Scripting attacks against logged in admin viewing the inserted Leads...

6.1CVSS6.2AI score0.01167EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/01/30 12:0 a.m.6 views

WordPress plugin Elementor Website Builder Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

6.5CVSS8.5AI score0.00297EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.5 views

WordPress plugin The Plus Addons for Elementor Page Builder Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin The...

8.8CVSS6.4AI score0.00561EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/17 12:0 a.m.6 views

PT-2024-30840 · Elementor · The Plus Addons For Elementor Page Builder

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder Lite versions n/a through 5.6.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS...

6.5CVSS5.5AI score0.00279EPSS
Exploits0References7
OSV
OSV
added 2024/09/11 12:15 p.m.3 views

CVE-2024-5416

The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url parameter of multiple widgets in all versions up to, and including, 3.23.4 due to insufficient input sanitization and output escaping on user supplied...

5.4CVSS5.9AI score0.00372EPSS
Exploits0References7
Rows per page
Query Builder