58 matches found
EUVD-2024-36686
Malicious code in bioql PyPI...
EUVD-2024-30377
Malicious code in bioql PyPI...
EUVD-2024-42379
Malicious code in bioql PyPI...
EUVD-2025-31202
Malicious code in bioql PyPI...
EUVD-2024-43545
Malicious code in bioql PyPI...
CVE-2025-8200
The Mega Elements – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Timer widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-8200
The Mega Elements – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Timer widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-8200 Mega Elements – Addons for Elementor <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget
The Mega Elements – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Timer widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-8200
CVE-2025-8200 affects Mega Elements – Addons for Elementor (WordPress): Stored Cross-Site Scripting via the Countdown Timer widget in all versions up to 1.3.2, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires at least contributor-lev...
CVE-2025-8200 Mega Elements – Addons for Elementor <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget
The Mega Elements – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Timer widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress plugin Mega Elements – Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-39479
Name of the Vulnerable Software and Affected Versions Mega Elements – Addons for Elementor plugin for WordPress versions up to and including 1.3.2 Description The software contains a Stored Cross-Site Scripting issue within the Countdown Timer widget. Insufficient input sanitization and output...
WordPress Mega Elements plugin <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Timer Widget vulnerability discovered by zer0gh0st in WordPress Plugin Mega Elements versions = 1.3.2...
CVE-2024-32575
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9...
CVE-2024-47343
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kraft Plugins Mega Elements mega-elements-addons-for-elementor allows Stored XSS.This issue affects Mega Elements: from n/a through = 1.2.4...
CVE-2024-4702
The Mega Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button widget in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
CVE-2024-37466
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kraftplugins Mega Elements.This issue affects Mega Elements: from n/a through 1.2.2...
CVE-2024-49693
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kraft Plugins Mega Elements mega-elements-addons-for-elementor allows Stored XSS.This issue affects Mega Elements: from n/a through = 1.2.6...
CVE-2024-49693
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.2.6...
CVE-2024-49693
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kraft Plugins Mega Elements mega-elements-addons-for-elementor allows Stored XSS.This issue affects Mega Elements: from n/a through = 1.2.6...