Lucene search
K

185 matches found

CVE
CVE
added 2024/06/07 12:33 p.m.77 views

CVE-2024-5382

CVE-2024-5382 affects Master Addons – Free Widgets for Elementor (WordPress). A missing capability check on the ma-template REST API route allows unauthenticated attackers to create or modify Master Addons templates and related settings in all versions up to 2.0.6.1. The Red Hat advisory confirms...

6.5CVSS5.9AI score0.00319EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/07 12:33 p.m.13 views

CVE-2024-5542 Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.1 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Navigation Menu Widget

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigation Menu widget of the plugin's Mega Menu extension in all versions up to, and including, 2.0.6.1 due to insufficient inpu...

7.2CVSS6.1AI score0.00307EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/07 12:33 p.m.21 views

CVE-2024-5542 Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.1 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Navigation Menu Widget

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigation Menu widget of the plugin's Mega Menu extension in all versions up to, and including, 2.0.6.1 due to insufficient inpu...

7.2CVSS0.00307EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/06/07 2:53 a.m.5 views

WordPress Master Addons plugin <= 2.0.6.1 - Missing Authorization to MA Template Creation or Modification vulnerability

Missing Authorization to MA Template Creation or Modification vulnerability discovered by Webbernaut in WordPress Plugin Master Addons for Elementor versions = 2.0.6.1...

6.5CVSS7AI score0.00319EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/06/07 12:0 a.m.2 views

WordPress plugin Master Addons security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

7.2CVSS6.1AI score0.00307EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/07 12:0 a.m.3 views

WordPress plugin Master Addons security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

6.5CVSS6.8AI score0.00319EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/06/07 12:0 a.m.10 views

Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor < 2.0.6.2 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Navigation Menu Widget

Description The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigation Menu widget of the plugin's Mega Menu extension in all versions up to, and including, 2.0.6.1 due to...

7.2CVSS6AI score0.00307EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/06 10:48 a.m.3 views

WordPress Master Addons for Elementor plugin <= 2.0.6.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SouzaZinn Patchstack Alliance in WordPress Plugin Master Addons for Elementor versions = 2.0.6.0...

6.5CVSS6.1AI score0.00237EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/06 9:35 a.m.3 views

WordPress Master Addons for Elementor plugin <= 2.0.5.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Master Addons for Elementor versions = 2.0.5.9...

6.5CVSS6.1AI score0.00262EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.8 views

WordPress Master Addons for Elementor Plugin <= 2.0.5.9 is vulnerable to Cross Site Scripting (XSS)

Software Master Addons for Elementor Type Plugin Vulnerable versions = 2.0.5.9 Fixed in 2.0.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35688 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d87e60142c2c Credits Khalid Yusuf Required...

6.5CVSS6.7AI score0.00262EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/03 3:31 p.m.9 views

WordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on API vulnerability

Broken Access Control on API vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Master Addons for Elementor versions = 2.0.5.4.1...

9.8CVSS7AI score0.00397EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/03 12:0 a.m.15 views

WordPress Master Addons for Elementor Plugin <= 2.0.5.4.1 is vulnerable to Broken Access Control

Software Master Addons for Elementor Type Plugin Vulnerable versions = 2.0.5.4.1 Fixed in 2.0.5.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35660 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 7197d57368a4 Credits Khali...

9.8CVSS6.5AI score0.00397EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/05/16 10:15 p.m.2 views

CVE-2024-3134

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the titlehtmltag attribute in all versions up to, and including, 2.0.6.0 due to insufficient input sanitization and output escaping...

5.4CVSS5.9AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/16 9:30 p.m.17 views

CVE-2024-3134 Master Addons for Elementor <= 2.0.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the titlehtmltag attribute in all versions up to, and including, 2.0.6.0 due to insufficient input sanitization and output escaping...

6.4CVSS6AI score0.00257EPSS
Exploits0References2
OSV
OSV
added 2024/05/16 12:15 p.m.1 views

CVE-2024-4580

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 2.0.6.0 due to insufficient input sanitization and output escaping. This makes i...

5.4CVSS5.9AI score0.00329EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/16 11:33 a.m.11 views

CVE-2024-4580 Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 2.0.6.0 due to insufficient input sanitization and output escaping. This makes i...

6.4CVSS6AI score0.00329EPSS
Exploits0References4
CVE
CVE
added 2024/05/16 11:33 a.m.66 views

CVE-2024-4580

CVE-2024-4580 affects the Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor (WordPress). The vulnerability is a Stored Cross-Site Scripting flaw caused by insufficient input sanitization and output escaping in multiple parameters, making authenticated attac...

6.4CVSS6AI score0.00329EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/05/16 11:2 a.m.3 views

WordPress Master Addons for Elementor plugin <= 2.0.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by João G. Barbosa 4rCanJ0x! in WordPress Plugin Master Addons for Elementor versions = 2.0.6.0...

6.4CVSS5.7AI score0.00257EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/16 12:0 a.m.3 views

WordPress plugin Master Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

6.4CVSS5.9AI score0.00329EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.3 views

PT-2024-31781 · WordPress · The Master Addons

Name of the Vulnerable Software and Affected Versions: The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress versions up to, and including, 2.0.6.0 Description: The issue is related to Stored Cross-Site Scripting due to insufficient inp...

6.4CVSS5.7AI score0.00329EPSS
Exploits0References11
Rows per page
Query Builder