Lucene search
K

9 matches found

Vulnrichment
Vulnrichment
added 2026/02/19 8:27 a.m.4 views

CVE-2026-25416 WordPress News Kit Elementor Addons plugin <= 1.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Kit Elementor Addons: from n/a through = 1.4.2...

4.3CVSS5.5AI score0.00185EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-21665

Malicious code in bioql PyPI...

5.4CVSS6.4AI score0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-9829

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.00341EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/18 11:23 a.m.5 views

CVE-2025-8446

The Blaze Demo Importer plugin for WordPress is vulnerable to unauthorized limited plugin install due to a missing capability check on the 'blazedemoimporterinstallplugin' function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with...

4.3CVSS5AI score0.00219EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.5 views

PT-2025-37921

Name of the Vulnerable Software and Affected Versions: Blaze Demo Importer plugin for WordPress versions through 1.0.12 Description: The Blaze Demo Importer plugin for WordPress is susceptible to unauthorized limited plugin installation due to a missing capability check within the blaze demo...

4.3CVSS5.7AI score0.00219EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/07/18 10:59 a.m.5 views

CVE-2025-54037

Missing Authorization vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Kit Elementor Addons: from n/a through = 1.3.4...

5.4CVSS5.9AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/06 5:12 p.m.8 views

CVE-2025-32196

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Stored XSS.This issue affects News Kit Elementor Addons: from n/a through = 1.4.2...

6.5CVSS7.2AI score0.00341EPSS
Exploits0References1
NVD
NVD
added 2025/04/04 4:15 p.m.4 views

CVE-2025-32196

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Stored XSS.This issue affects News Kit Elementor Addons: from n/a through = 1.4.2...

6.5CVSS0.00341EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/22 7:36 a.m.12 views

CVE-2024-9541 News Kit Elementor Addons <= 1.2.1 - Authenticated (Contributor+) Sensitive Information Exposure via Canvas Menu Elementor Template

The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.1 via the render function in includes/widgets/canvas-menu/canvas-menu.php. This makes it possible for authenticated attackers, with Contributor-level access...

4.3CVSS6.7AI score0.00335EPSS
Exploits0References2
Rows per page
Query Builder