24 matches found
EUVD-2025-23423
Malicious code in bioql PyPI...
EUVD-2024-50556
Malicious code in bioql PyPI...
EUVD-2024-40806
Malicious code in bioql PyPI...
CVE-2025-8212 Medical Addon for Elementor <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typewriter Widget
The Medical Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typewriter widget in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8212
CVE-2025-8212 affects the WordPress plugin Medical Addon for Elementor. The issue is a Stored Cross-Site Scripting (XSS) in the Typewriter widget across all versions up to 1.6.3, caused by insufficient input sanitization and output escaping of user-supplied attributes. Exploitation requires authe...
CVE-2025-8212 Medical Addon for Elementor <= 1.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typewriter Widget
The Medical Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typewriter widget in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress plugin Medical Addon for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
PT-2025-31727 · WordPress · Medical Addon For Elementor
Name of the Vulnerable Software and Affected Versions: Medical Addon for Elementor plugin for WordPress versions prior to 1.6.4 Description: The Medical Addon for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting via the Typewriter widget. Insufficient input sanitizatio...
WordPress Medical Addon for Elementor plugin <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typewriter Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Typewriter Widget vulnerability discovered by zer0gh0st in WordPress Plugin Medical Addon for Elementor versions = 1.6.3...
CVE-2024-44024
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicheaddons Medical Addon for Elementor medical-addon-for-elementor allows Stored XSS.This issue affects Medical Addon for Elementor: from n/a through = 1.6.4...
CVE-2024-12046
The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.2 via the 'namedicalelementortemplate' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers,...
CVE-2024-12046
Medical Addon for Elementor (WordPress)
CVE-2024-12046 Medical Addon for Elementor <= 1.6.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via Shortcode
The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.2 via the 'namedicalelementortemplate' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers,...
CVE-2024-12046 Medical Addon for Elementor <= 1.6.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via Shortcode
The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.2 via the 'namedicalelementortemplate' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers,...
WordPress plugin Medical Addon for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
PT-2025-1736 · WordPress · Medical Addon For Elementor
Name of the Vulnerable Software and Affected Versions: Medical Addon for Elementor plugin for WordPress versions up to, and including, 1.6.2 Description: The issue allows authenticated attackers with Contributor-level access and above to read the content of draft, pending, and private posts due t...
WordPress Medical Addon for Elementor plugin <= 1.6.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via Shortcode vulnerability
Insecure Direct Object Reference to Authenticated Contributor+ Sensitive Information Exposure via Shortcode vulnerability discovered by Francesco Carlucci in WordPress Plugin Medical Addon for Elementor versions = 1.6.2...
CVE-2024-44024
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicheaddons Medical Addon for Elementor medical-addon-for-elementor allows Stored XSS.This issue affects Medical Addon for Elementor: from n/a through = 1.6.4...
CVE-2024-44024 WordPress Medical Addon for Elementor plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicheaddons Medical Addon for Elementor medical-addon-for-elementor allows Stored XSS.This issue affects Medical Addon for Elementor: from n/a through = 1.6.4...
CVE-2024-44024 WordPress Medical Addon for Elementor plugin <= 1.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in NicheAddons Medical Addon for Elementor allows Stored XSS.This issue affects Medical Addon for Elementor: from n/a through 1.4...