375 matches found
CVE-2023-7044 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom ID in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This makes it...
CVE-2023-7044
CVE-2023-7044 affects the WordPress plugin Essential Addons for Elementor (Best Elementor Templates, Widgets, Kits & WooCommerce Builders). It is a stored XSS via a custom ID in versions up to and including 5.9.2 caused by insufficient input sanitization and output escaping. Exploitation requires...
PT-2024-15186 · WordPress · Essential Addons For Elementor
Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress versions up to, and including, 5.9.2 Description: The issue is related to Stored Cross-Site Scripting via custom ID due t...
WordPress Plugin Essential Addons for Elementor Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
CVE-2023-47840
Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...
CVE-2023-47840
CVE-2023-47840 affects Qode Essential Addons (
CVE-2023-47840 WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE)
Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...
WordPress Plugin Qode Essential Addons Code Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...
WordPress Essential Addons for Elementor Pro Plugin < 5.4.9 CSRF Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpdeveloper:essentialaddonsforelementor"; if description...
PT-2023-30640 · Qode Interactive · Qode Essential Addons
Name of the Vulnerable Software and Affected Versions: Qode Essential Addons versions 1.5.2 and earlier Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability. This vulnerability affects Qode Interactive Qode Essential Addons, allowing for co...
Qode Essential Addons < 1.5.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation
Description The Qode Essential Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the installplugin function in all versions up to, and including, 1.5.2. This makes it possible for authenticated attackers, with subscriber-level acce...
Exploit for Code Injection in Qodeinteractive Qode_Essential_Addons
CVE-2023-47840 Qode Essential Addons = 1.5.2 - Missing Aut...
WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE)
Software Qode Essential Addons Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A1: Broken Access Control Classification Remote Code Execution RCE CVE CVE-2023-47840 Patch priority High CVSS severity High 9.9 Developer Qode Interactive PSID 08030749500a Credits Brandon Roldan...
CVE-2023-32245
Cross-Site Request Forgery CSRF vulnerability in WPDeveloper Essential Addons for Elementor Pro.This issue affects Essential Addons for Elementor Pro: from n/a through 5.4.8...
CVE-2023-32245
CVE-2023-32245 affects WordPress Essential Addons for Elementor Pro (versions up to and including 5.4.8). Connected sources specify a Server-Side Request Forgery (SSRF) vulnerability that is unauthenticated. The issue is mitigated by upgrading to version 5.4.9 or later. Exploitation status is not...
CVE-2023-32245 WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Server Side Request Forgery (SSRF)
Cross-Site Request Forgery CSRF vulnerability in WPDeveloper Essential Addons for Elementor Pro.This issue affects Essential Addons for Elementor Pro: from n/a through 5.4.8...
WordPress Plugin Essential Addons for Elementor Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin...
WordPress Essential Addons for Elementor Plugin <= 5.8.8 is vulnerable to Privilege Escalation
Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.8.8 Fixed in 5.8.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-41955 Patch priority High CVSS severity High 8.8 Developer WPDeveloper PSID 80be75758179...
PT-2023-28189 · WordPress · Essential Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Essential Addons for Elementor versions through 5.8.8 Description: The issue is related to Improper Privilege Management, allowing Privilege Escalation in the Essential Addons for Elementor plugin. It is estimated that over 1 million active...
CVE-2023-32241
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPDeveloper Essential Addons for Elementor Pro plugin = 5.4.8 versions...