Lucene search
+L

321 matches found

Patchstack
Patchstack
added 2026/02/02 9:2 a.m.5 views

WordPress Happy Addons for Elementor plugin <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Event Calendar Widget vulnerability discovered by stealthcopter in WordPress Plugin Happy Addons for Elementor versions = 3.10.7...

6.4CVSS5.3AI score0.00324EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 8:51 a.m.5 views

WordPress Happy Addons for Elementor plugin <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Accordion vulnerability discovered by Thanh Nam Tran in WordPress Plugin Happy Addons for Elementor versions = 3.10.9...

6.4CVSS5.2AI score0.00325EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 8:50 a.m.8 views

WordPress Happy Addons for Elementor plugin <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Thanh Nam Tran in WordPress Plugin Happy Addons for Elementor versions = 3.10.8...

6.4CVSS5.2AI score0.00364EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.6 views

CVE-2025-68999

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Blind SQL Injection.This issue affects Happy Addons for Elementor: from n/a through = 3.20.4...

8.5CVSS5.6AI score0.00253EPSS
Exploits2References1
Patchstack
Patchstack
added 2026/01/23 6:58 p.m.7 views

WordPress Happy Addons for Elementor plugin <= 3.20.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by knani alaaeddine iwd in WordPress Plugin Happy Addons for Elementor versions = 3.20.4...

8.5CVSS5.8AI score0.00253EPSS
Exploits2Affected Software1
NVD
NVD
added 2026/01/22 5:16 p.m.8 views

CVE-2025-68999

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Blind SQL Injection.This issue affects Happy Addons for Elementor: from n/a through = 3.20.4...

8.5CVSS0.00253EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.23 views

CVE-2025-68999 WordPress Happy Addons for Elementor plugin <= 3.20.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Blind SQL Injection.This issue affects Happy Addons for Elementor: from n/a through = 3.20.4...

8.5CVSS0.00253EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.2 views

CVE-2025-68999 WordPress Happy Addons for Elementor plugin <= 3.20.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Blind SQL Injection.This issue affects Happy Addons for Elementor: from n/a through = 3.20.4...

8.5CVSS5.9AI score0.00253EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.4 views

CVE-2025-68999

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Blind SQL Injection.This issue affects Happy Addons for Elementor: from n/a through = 3.20.4...

8.5CVSS5.6AI score0.00253EPSS
Exploits2References2
CVE
CVE
added 2026/01/22 4:52 p.m.25 views

CVE-2025-68999

CVE-2025-68999 affects Happy Addons for Elementor (HappyMonster)

8.5CVSS5.6AI score0.00253EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.11 views

PT-2026-4117

Name of the Vulnerable Software and Affected Versions Happy Addons for Elementor versions through 3.20.4 Description A flaw exists in Happy Addons for Elementor that allows for Blind SQL Injection. This is due to improper neutralization of special elements within SQL commands. The API endpoint is...

8.5CVSS5.5AI score0.00253EPSS
Exploits2References4
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

WordPress plugin Happy Addons for Elementor SQL injection vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

8.5CVSS5.8AI score0.00253EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:14 a.m.7 views

CVE-2024-2788

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Title HTML Tag in all versions up to, and including, 3.10.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.4CVSS7.4AI score0.00361EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.9 views

WordPress Happy Addons for Elementor plugin <= 3.12.2 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Happy Addons for Elementor versions = 3.12.2...

6.4CVSS5.3AI score0.00292EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/24 11:37 a.m.5 views

CVE-2025-14635

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hapagecustomjs' parameter in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5AI score0.00256EPSS
Exploits0References1
NVD
NVD
added 2025/12/23 12:15 p.m.5 views

CVE-2025-14635

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hapagecustomjs' parameter in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00256EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/23 11:13 a.m.5 views

EUVD-2025-204795

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hapagecustomjs' parameter in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS4.7AI score0.00256EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/23 11:13 a.m.28 views

CVE-2025-14635 Happy Addons for Elementor <= 3.20.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hapagecustomjs' parameter in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00256EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/23 11:13 a.m.3 views

CVE-2025-14635 Happy Addons for Elementor <= 3.20.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hapagecustomjs' parameter in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS4.8AI score0.00256EPSS
Exploits0References4
CVE
CVE
added 2025/12/23 11:13 a.m.19 views

CVE-2025-14635

CVE-2025-14635 concerns the Happy Addons for Elementor WordPress plugin. The connected Wordfence report explicitly ties this to an authenticated stored cross-site scripting (XSS) vulnerability via the ha_page_custom_js parameter, affecting version range up to and including 3.20.3. Root cause: ins...

6.4CVSS4.8AI score0.00256EPSS
Exploits0References4
Rows per page
Query Builder