Lucene search
K

381 matches found

Nuclei
Nuclei
added yesterday143 views

WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset

Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. id: CVE-2023-32243 info: name: WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset author:...

9.8CVSS7.1AI score0.75531EPSS
Exploits8References5
EUVD
EUVD
added 2 days ago9 views

EUVD-2026-43160

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Authenticated Account Takeover via Email Header Injection in all versions up to, and including, 6.6.10 This is due to insufficient server-side validation of a Login/Register widget...

8.8CVSS6.1AI score0.00367EPSS
Exploits0References9
CVE
CVE
added 2 days ago14 views

CVE-2026-15155

The CVE-2026-15155 entry concerns the WordPress plugin Essential Addons for Elementor (

8.8CVSS6.1AI score0.00367EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-57416

Name of the Vulnerable Software and Affected Versions The Essential Addons for Elementor versions prior to 6.6.11 Description Insufficient server-side validation of a Login/Register widget setting allows authenticated attackers with Contributor-level access or higher to perform Email Header...

8.8CVSS6.1AI score0.00367EPSS
Exploits0References12
NVD
NVD
added 5 days ago8 views

CVE-2026-6459

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Event Calendar widget in all versions up to, and including, 6.6.2 due to insufficient input sanitization and output escaping on event titles sourced...

6.4CVSS0.00187EPSS
Exploits0References3
CVE
CVE
added 5 days ago9 views

CVE-2026-6459

The CVE concerns The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress. A Stored Cross-Site Scripting vulnerability exists in the Event Calendar widget for all versions up to 6.6.2, caused by insufficient input sanitization and output escaping on event ti...

6.4CVSS6.1AI score0.00187EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-6459 Essential Addons for Elementor <= 6.6.2 - Authenticated (Author+) Stored Cross-Site Scripting via Event Calendar Widget Popup

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Event Calendar widget in all versions up to, and including, 6.6.2 due to insufficient input sanitization and output escaping on event titles sourced...

6.4CVSS0.00187EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/15 9:30 p.m.10 views

EUVD-2026-36912

Unauthenticated Broken Access Control in Essential Addons for Elementor 6.6.0 versions...

5.3CVSS5.1AI score0.00214EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.10 views

CVE-2026-25440

Unauthenticated Broken Access Control in Essential Addons for Elementor 6.6.0 versions...

5.3CVSS0.00214EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.22 views

CVE-2026-25440

The CVE-2026-25440 entry concerns the WordPress plugin “Essential Addons for Elementor” (Lite) versions prior to 6.6.0, which contains an Unauthenticated Broken Access Control vulnerability. The issue is triggered in versions &lt;6.6.0 and can be exploited without authentication, with no user int...

5.3CVSS5.1AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:17 p.m.29 views

CVE-2026-25440 WordPress Essential Addons for Elementor plugin < 6.6.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Essential Addons for Elementor 6.6.0 versions...

5.3CVSS0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.8 views

PT-2026-49357

Unauthenticated Broken Access Control in Essential Addons for Elementor 6.6.0 versions...

5.3CVSS5.1AI score0.00214EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/11 10:42 a.m.98 views

Exploit for CVE-2026-7665

CVE-2026-7665 — Unauthenticated Information Disclosure in Esse...

5.3CVSS5.5AI score0.0515EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/07 8:59 a.m.17 views

CVE-2026-7665

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.6.4 via the ajaxloadmore function due to insufficient restrictions on which posts can be included. This makes it possible f...

5.3CVSS5.5AI score0.0515EPSS
Exploits1References1
NVD
NVD
added 2026/06/06 4:17 a.m.14 views

CVE-2026-7665

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.6.4 via the ajaxloadmore function due to insufficient restrictions on which posts can be included. This makes it possible f...

5.3CVSS0.0515EPSS
Exploits1References14
Vulnrichment
Vulnrichment
added 2026/06/06 2:28 a.m.9 views

CVE-2026-7665 Essential Addons for Elementor <= 6.6.4 - Missing Authorization to Unauthenticated Information Exposure via 'load_more' AJAX Handler

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.6.4 via the ajaxloadmore function due to insufficient restrictions on which posts can be included. This makes it possible f...

5.3CVSS5.5AI score0.0515EPSS
Exploits1References14
Cvelist
Cvelist
added 2026/06/06 2:28 a.m.44 views

CVE-2026-7665 Essential Addons for Elementor <= 6.6.4 - Missing Authorization to Unauthenticated Information Exposure via 'load_more' AJAX Handler

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.6.4 via the ajaxloadmore function due to insufficient restrictions on which posts can be included. This makes it possible f...

5.3CVSS0.0515EPSS
Exploits1References14
EUVD
EUVD
added 2026/06/06 2:28 a.m.14 views

EUVD-2026-34950

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.6.4 via the ajaxloadmore function due to insufficient restrictions on which posts can be included. This makes it possible f...

5.3CVSS5.5AI score0.0515EPSS
Exploits1References14
ATTACKERKB
ATTACKERKB
added 2026/06/06 2:28 a.m.11 views

CVE-2026-7665

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.6.4 via the ajaxloadmore function due to insufficient restrictions on which posts can be included. This makes it possible f...

5.3CVSS5.5AI score0.0515EPSS
Exploits1References15
CVE
CVE
added 2026/06/06 2:28 a.m.48 views

CVE-2026-7665

CVE-2026-7665 affects the WordPress plugin Essential Addons for Elementor (up to version 6.6.4). The issue arises in the ajax_load_more handler, with insufficient restrictions on which posts can be returned, enabling unauthenticated attackers to extract data from password-protected, private, or d...

5.3CVSS5.5AI score0.0515EPSS
Exploits1References14
Rows per page
Query Builder