Lucene search
K

57 matches found

Positive Technologies
Positive Technologies
added 2025/06/09 12:0 a.m.10 views

PT-2025-24475 · Elfsight · Elfsight Contact Form Widget

Name of the Vulnerable Software and Affected Versions: elfsight Contact Form widget versions n/a through 2.3.1 Description: The issue allows exposure of sensitive system information to an unauthorized control sphere, enabling the retrieval of embedded sensitive data. Recommendations: For versions...

7.5CVSS7.3AI score0.00385EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 6:40 a.m.5 views

CVE-2024-10390

The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'updatePreferences' function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber-level access and...

6.4CVSS6.6AI score0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 1:43 p.m.13 views

CVE-2025-31587

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Stored XSS.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.9CVSS7.2AI score0.00249EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 1:43 p.m.18 views

CVE-2025-31584

Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.4CVSS7.2AI score0.00301EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 1:37 p.m.6 views

CVE-2025-31588

Cross-Site Request Forgery CSRF vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Cross Site Request Forgery.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.4CVSS7.2AI score0.00145EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/31 2:4 p.m.4 views

WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...

5.4CVSS6.9AI score0.00145EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 2:4 p.m.3 views

WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...

5.9CVSS6.1AI score0.00249EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/31 2:3 p.m.4 views

WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...

5.4CVSS7AI score0.00301EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/03/31 1:15 p.m.6 views

CVE-2025-31587

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Stored XSS.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.9CVSS0.00249EPSS
Exploits0References1
NVD
NVD
added 2025/03/31 1:15 p.m.4 views

CVE-2025-31588

Cross-Site Request Forgery CSRF vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Cross Site Request Forgery.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.4CVSS0.00145EPSS
Exploits0References1
NVD
NVD
added 2025/03/31 1:15 p.m.7 views

CVE-2025-31584

Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.4CVSS0.00301EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 12:55 p.m.4 views

CVE-2025-31588 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in elfsight Elfsight Testimonials Slider allows Cross Site Request Forgery. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1...

5.4CVSS6.9AI score0.00145EPSS
Exploits0References1
CVE
CVE
added 2025/03/31 12:55 p.m.50 views

CVE-2025-31588

CVE-2025-31588 is a CSRF vulnerability in the WordPress plugin Elfsight Testimonials Slider (elfsight-testimonials-slider) affecting versions up to 1.0.1. The CVE entry notes Cross Site Request Forgery that can change settings, with CVSS 3.1 base score 5.4 (Medium). The patch status/fix is not pr...

5.4CVSS7.2AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/31 12:55 p.m.19 views

CVE-2025-31588 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Cross Site Request Forgery.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.4CVSS0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/31 12:55 p.m.16 views

CVE-2025-31587 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Stored XSS.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.9CVSS0.00249EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 12:55 p.m.7 views

CVE-2025-31587 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Stored XSS.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.9CVSS7.2AI score0.00249EPSS
Exploits0References1
CVE
CVE
added 2025/03/31 12:55 p.m.55 views

CVE-2025-31587

Technical details (affected versions, root cause, impact, remediation) for CVE-2025-31587 are not provided in the supplied documents beyond the initial description. Please monitor for updates from official advisories.

5.9CVSS7.2AI score0.00249EPSS
Exploits0References1
CVE
CVE
added 2025/03/31 12:55 p.m.56 views

CVE-2025-31584

The CVE CVE-2025-31584 affects the WordPress plugin Elfsight Testimonials Slider (versions up to 1.0.1, including unspecified versions up to 1.0.1). The issue is described as a Missing Authorization / Broken Access Control vulnerability, indicating incorrect/misconfigured access controls that cou...

5.4CVSS7.2AI score0.00301EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 12:55 p.m.8 views

CVE-2025-31584 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1...

5.4CVSS6.9AI score0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/31 12:55 p.m.20 views

CVE-2025-31584 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.4CVSS0.00301EPSS
Exploits0References1
Rows per page
Query Builder