51 matches found
CVE-2024-24843 WordPress PowerPack Pro for Elementor Plugin < 2.10.8 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in PowerPack Addons for Elementor PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a before 2.10.8...
PT-2024-20611 · Unknown · Powerpack Pro For Elementor
Name of the Vulnerable Software and Affected Versions: PowerPack Pro for Elementor versions prior to 2.10.8 Description: A Cross-Site Request Forgery CSRF issue affects the PowerPack Pro for Elementor. This issue allows for malicious requests to be made on behalf of a user without their knowledge...
PowerPack Pro for Elementor < 2.10.8 - Missing Authorization to Settings Reset
Description The PowerPack Pro for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in all versions up to, and including, 2.10.6. This makes it possible for unauthenticated attackers to reset plugin settings...
WordPress PowerPack Pro for Elementor Plugin <= 2.10.6 is vulnerable to Settings Change
Software PowerPack Pro for Elementor Type Plugin Vulnerable versions = 2.10.6 Fixed in 2.10.8 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-24844 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID ad539f87b78f Credits Dave Jong Patchstac...
WordPress PowerPack Pro for Elementor Plugin < 2.10.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software PowerPack Pro for Elementor Type Plugin Vulnerable versions 2.10.8 Fixed in 2.10.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-24843 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 81a4db4a6962 Credits Dave Jo...
CVE-2023-49739
Vulnerability in IdeaBox Creations PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a through 2.9.23...
CVE-2023-49739 WordPress PowerPack Pro for Elementor plugin <= 2.9.23 - Reflected Cross Site Scripting (XSS) vulnerability
Vulnerability in IdeaBox Creations PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a through 2.9.23...
CVE-2023-49739 WordPress PowerPack Pro for Elementor plugin <= 2.9.23 - Reflected Cross Site Scripting (XSS) vulnerability
Vulnerability in IdeaBox Creations PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a through 2.9.23...
PowerPack Pro for Elementor < 2.9.24 - Reflected Cross-Site Scripting
Description The PowerPack Pro for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.9.23 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
VulnCheck KEV: CVE-2023-49739
Vulnerability in IdeaBox Creations PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a through 2.9.23...
WordPress PowerPack Pro for Elementor Plugin <= 2.9.23 is vulnerable to Cross Site Scripting (XSS)
Software PowerPack Pro for Elementor Type Plugin Vulnerable versions = 2.9.23 Fixed in 2.9.24 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49739 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2b872117ab59 Credits Rafie Muhammad...