21 matches found
CVE-2024-35674
Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates unlimited-elements-for-elementor.This issue affects Unlimited Elements For Elementor Free Widgets, Addons, Templates: from n/a through = 1.5.109...
CVE-2024-29792
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates unlimited-elements-for-elementor.This issue affects Unlimited Elements For Elementor Free Widgets, Addons,...
CVE-2024-49271
: Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates allows : Command Injection.This issue affects Unlimited Elements For Elementor Free Widgets, Addons, Templates: from n/a...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.121 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.121...
CVE-2024-6171
The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...
CVE-2024-6166 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Time-Based SQL Injection
The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to time-based SQL Injection via the ‘addonsorder’ parameter in all versions up to, and including, 1.5.112 due to insufficient escaping on the user supplied parameter and lack of sufficient...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.112 is vulnerable to Cross Site Scripting (XSS)
Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.112 Fixed in 1.5.113 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6169 Patch priority Low CVSS severity Low 6.5 Developer Unlimited...
CVE-2023-31080
Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates.This issue affects Unlimited Elements For Elementor Free Widgets, Addons, Templates: from n/a through 1.5.65...
CVE-2023-31080
CVE-2023-31080 affects the WordPress plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) up to version 1.5.65. The issue is described as a Missing Authorization vulnerability rooted in Broken Access Control, allowing improper access to user metadata. Patchstack confirms a fi...
CVE-2024-5329 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.109 - Authenticated (Contributor+) Blind SQL Injection via data[addonID] Parameter
The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to blind SQL Injection via the ‘dataaddonID’ parameter in all versions up to, and including, 1.5.109 due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...
CVE-2024-35674
Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates.This issue affects Unlimited Elements For Elementor Free Widgets, Addons, Templates: from n/a through 1.5.109...
CVE-2024-35674
Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates unlimited-elements-for-elementor.This issue affects Unlimited Elements For Elementor Free Widgets, Addons, Templates: from n/a through = 1.5.109...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.107 is vulnerable to Cross Site Scripting (XSS)
Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.107 Fixed in 1.5.108 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3190 Patch priority Low CVSS severity Low 6.5 Developer Unlimited...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.107 is vulnerable to SQL Injection
Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.107 Fixed in 1.5.108 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4779 Patch priority Low CVSS severity Low 8.5 Developer Unlimited Elements PSID 2c76236c1b5c...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.102 is vulnerable to Cross Site Scripting (XSS)
Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.102 Fixed in 1.5.103 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3547 Patch priority Medium CVSS severity Medium 7.1 Developer Unlimit...
CVE-2024-29792 WordPress Unlimited Elements for Elementor plugin <= 1.5.93 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates unlimited-elements-for-elementor.This issue affects Unlimited Elements For Elementor Free Widgets, Addons,...
VulnCheck KEV: CVE-2024-29792
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates unlimited-elements-for-elementor.This issue affects Unlimited Elements For Elementor Free Widgets, Addons,...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin < 1.5.75 is vulnerable to Cross Site Scripting (XSS)
Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions 1.5.75 Fixed in 1.5.75 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Unlimited Elements PSID...
CVE-2022-47170
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin = 1.5.48 versions...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.48 is vulnerable to Cross Site Scripting (XSS)
Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.48 Fixed in 1.5.49 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47170 Patch priority Low CVSS severity Low 5.9 Developer Unlimited...