Lucene search
K

44 matches found

Patchstack
Patchstack
added 2026/02/02 8:51 a.m.5 views

WordPress Happy Addons for Elementor plugin <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Accordion vulnerability discovered by Thanh Nam Tran in WordPress Plugin Happy Addons for Elementor versions = 3.10.9...

6.4CVSS5.2AI score0.00325EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/12/13 6:30 p.m.4 views

EUVD-2025-203249

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Slider, Pricing Calculator, and Image Accordion widgets in all versions up to, and including, 51.1.39 due to insufficient input sanitization and output escaping on user supplie...

6.4CVSS4.7AI score0.00155EPSS
Exploits0References3
NVD
NVD
added 2025/12/13 4:16 p.m.7 views

CVE-2025-7960

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Slider, Pricing Calculator, and Image Accordion widgets in all versions up to, and including, 51.1.39 due to insufficient input sanitization and output escaping on user supplie...

6.4CVSS0.00155EPSS
Exploits0References2
CVE
CVE
added 2025/12/13 8:21 a.m.15 views

CVE-2025-7960

CVE-2025-7960 - King Addons for Elementor (WordPress) is an authenticated (Contributor+) stored XSS affecting the Pricing Slider, Pricing Calculator, and Image Accordion widgets in all versions up to 51.1.39. The root cause is insufficient input sanitization and output escaping on user-supplied a...

6.4CVSS4.7AI score0.00155EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/13 8:21 a.m.3 views

CVE-2025-7960 King Addons for Elementor <= 51.1.39 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Slider, Pricing Calculator, and Image Accordion widgets in all versions up to, and including, 51.1.39 due to insufficient input sanitization and output escaping on user supplie...

6.4CVSS4.7AI score0.00155EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/13 12:0 a.m.4 views

PT-2025-51104

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Slider, Pricing Calculator, and Image Accordion widgets in all versions up to, and including, 51.1.39 due to insufficient input sanitization and output escaping on user supplie...

6.4CVSS5AI score0.00155EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.3 views

WordPress plugin King Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripti...

6.4CVSS6AI score0.00155EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-32229

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00423EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-31730

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00685EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-51666

Malicious code in bioql PyPI...

6.4CVSS9.2AI score0.00237EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-1963

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00332EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27009

Malicious code in bioql PyPI...

6.4CVSS8.6AI score0.00469EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:6 a.m.7 views

CVE-2024-3129

A vulnerability was found in SourceCodester Image Accordion Gallery App 1.0. It has been classified as critical. This affects an unknown part of the file /endpoint/add-image.php. The manipulation of the argument imagename leads to unrestricted upload. It is possible to initiate the attack remotel...

6.5CVSS6.9AI score0.00685EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:34 a.m.12 views

CVE-2024-13547

The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Accordion widget in all versions up to, and including, 1.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00237EPSS
Exploits0References1
OSV
OSV
added 2025/02/15 10:15 a.m.3 views

CVE-2025-1005

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Accordion widget in all versions up to, and including, 3.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4CVSS6AI score0.00332EPSS
Exploits0References4
NVD
NVD
added 2025/02/15 10:15 a.m.16 views

CVE-2025-1005

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Accordion widget in all versions up to, and including, 3.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00332EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/15 9:24 a.m.20 views

CVE-2025-1005 ElementsKit Elementor addons <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Accordion widget in all versions up to, and including, 3.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00332EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/15 12:0 a.m.4 views

WordPress plugin ElementsKit Elementor addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS7.7AI score0.00332EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/02/15 12:0 a.m.6 views

PT-2025-6820 · WordPress · Elementskit Elementor Addons

Name of the Vulnerable Software and Affected Versions: ElementsKit Elementor addons plugin for WordPress versions up to, and including, 3.4.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Image Accordion widget due to insufficient input sanitization and output...

6.4CVSS7.9AI score0.00332EPSS
Exploits0References12
Patchstack
Patchstack
added 2025/02/14 10:33 p.m.7 views

WordPress ElementsKit Elementor addons plugin <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Accordion Widget vulnerability discovered by Webbernaut in WordPress Plugin ElementsKit Elementor addons Lite versions = 3.4.0...

6.4CVSS8.6AI score0.00332EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder