57 matches found
PT-2025-24475 · Elfsight · Elfsight Contact Form Widget
Name of the Vulnerable Software and Affected Versions: elfsight Contact Form widget versions n/a through 2.3.1 Description: The issue allows exposure of sensitive system information to an unauthorized control sphere, enabling the retrieval of embedded sensitive data. Recommendations: For versions...
CVE-2024-10390
The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'updatePreferences' function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber-level access and...
CVE-2025-31587
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Stored XSS.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...
CVE-2025-31584
Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...
CVE-2025-31588
Cross-Site Request Forgery CSRF vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Cross Site Request Forgery.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...
WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...
WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...
WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...
CVE-2025-31587
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Stored XSS.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...
CVE-2025-31588
Cross-Site Request Forgery CSRF vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Cross Site Request Forgery.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...
CVE-2025-31584
Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...
CVE-2025-31588 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross-Site Request Forgery CSRF vulnerability in elfsight Elfsight Testimonials Slider allows Cross Site Request Forgery. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1...
CVE-2025-31588
CVE-2025-31588 is a CSRF vulnerability in the WordPress plugin Elfsight Testimonials Slider (elfsight-testimonials-slider) affecting versions up to 1.0.1. The CVE entry notes Cross Site Request Forgery that can change settings, with CVSS 3.1 base score 5.4 (Medium). The patch status/fix is not pr...
CVE-2025-31588 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross-Site Request Forgery CSRF vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Cross Site Request Forgery.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...
CVE-2025-31587 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Stored XSS.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...
CVE-2025-31587 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Stored XSS.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...
CVE-2025-31587
Technical details (affected versions, root cause, impact, remediation) for CVE-2025-31587 are not provided in the supplied documents beyond the initial description. Please monitor for updates from official advisories.
CVE-2025-31584
The CVE CVE-2025-31584 affects the WordPress plugin Elfsight Testimonials Slider (versions up to 1.0.1, including unspecified versions up to 1.0.1). The issue is described as a Missing Authorization / Broken Access Control vulnerability, indicating incorrect/misconfigured access controls that cou...
CVE-2025-31584 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1...
CVE-2025-31584 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...