Lucene search
K

375 matches found

CNNVD
CNNVD
added 2024/05/14 12:0 a.m.2 views

WordPress plugin Essential Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.2AI score0.00508EPSS
Exploits0References6
CVE
CVE
added 2024/05/10 7:33 a.m.100 views

CVE-2024-4448

CVE-2024-4448 affects the WordPress plugin “Essential Addons for Elementor Lite” (formerly “Best Elementor Templates, Widgets, Kits & WooCommerce Builders”). The vulnerability is a stored cross-site scripting (XSS) in the plugin’s widgets Dual Color Header, Event Calendar, and Advanced Data Table...

6.4CVSS5.7AI score0.00508EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/05/10 2:8 a.m.5 views

WordPress Essential Addons for Elementor plugin <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Interactive Circles' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'Interactive Circles' vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin Essential Addons for Elementor versions = 5.9.19...

6.4CVSS5.8AI score0.00343EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/10 12:0 a.m.10 views

WordPress Essential Addons for Elementor Plugin <= 5.9.19 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.19 Fixed in 5.9.20 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4275 Patch priority Low CVSS severity Low 6.5 Developer WPDeveloper PSID cf3506099f76 Credits Ngô Thiên A...

6.4CVSS5.8AI score0.00343EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/10 12:0 a.m.4 views

PT-2024-31163 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.19 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'Fancy Text', 'Filter Gallery', 'Sticky Video', 'Content Ticker',...

6.4CVSS6.2AI score0.00343EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/10 12:0 a.m.3 views

PT-2024-30126 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.19 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Interactive Circle widget due to insufficient input sanitization a...

6.4CVSS6.2AI score0.00343EPSS
Exploits0References6
OSV
OSV
added 2024/05/02 5:15 p.m.2 views

CVE-2024-4003

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the eaelteammembersimagerounded parameter in the Team Members widget in all versions up to, and including, 5.9.15 due to...

5.4CVSS5.9AI score0.0048EPSS
Exploits0References2
OSV
OSV
added 2024/05/02 5:15 p.m.6 views

CVE-2024-3728

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery & Interactive Circle widgets in all versions up to, and including, 5.9.15 due to insufficient...

6.4CVSS6AI score0.00557EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/02 4:51 p.m.13 views

CVE-2024-4003 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the eaelteammembersimagerounded parameter in the Team Members widget in all versions up to, and including, 5.9.15 due to...

6.4CVSS6.1AI score0.0048EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.2 views

WordPress plugin Essential Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6.5AI score0.0048EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.2 views

WordPress plugin Essential Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6.1AI score0.00557EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.5 views

PT-2024-29444 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.17 Description: The issue is related to Stored Cross-Site Scripting via the eael event text color parameter due to insufficient input sanitization and...

6.4CVSS5.9AI score0.00602EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/05/01 6:19 a.m.4 views

WordPress Essential Addons for Elementor plugin <= 5.9.17 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Essential Addons for Elementor versions = 5.9.17...

6.4CVSS5.7AI score0.00602EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/25 2:31 a.m.4 views

WordPress Essential Addons for Elementor plugin <= 5.9.15 - Information Exposure vulnerability

Information Exposure vulnerability discovered by Webbernaut in WordPress Plugin Essential Addons for Elementor versions = 5.9.15...

5.3CVSS7AI score0.00496EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.3 views

WordPress plugin Essential Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.7AI score0.00496EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/25 12:0 a.m.6 views

PT-2024-27482 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.15 Description: The issue allows unauthenticated attackers to extract posts that may be in private or draft status due to Sensitive Information Exposur...

5.3CVSS6.7AI score0.00496EPSS
Exploits0References5
OSV
OSV
added 2024/04/22 2:15 p.m.5 views

CVE-2024-3645

The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Counter widget in all versions up to, and including, 5.8.11 due to insufficient input sanitization and output escaping on user supplied attributes such as 'titlehtmltag'. This...

6.4CVSS5.9AI score0.00333EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/22 1:51 p.m.17 views

CVE-2024-3645 Essential Addons for Elementor Pro <= 5.8.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_html_tag'

The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Counter widget in all versions up to, and including, 5.8.11 due to insufficient input sanitization and output escaping on user supplied attributes such as 'titlehtmltag'. This...

6.4CVSS5.8AI score0.00333EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.3 views

WordPress plugin Essential Addons for Elementor Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.4CVSS6.8AI score0.00333EPSS
Exploits0References3
OSV
OSV
added 2024/04/17 12:15 p.m.4 views

CVE-2024-3333

The Essential Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attributes of widgets in all versions up to, and including, 5.9.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.9AI score0.00402EPSS
Exploits0References2
Rows per page
Query Builder