Lucene search
K

262 matches found

CVE
CVE
added 2022/01/03 12:49 p.m.43 views

CVE-2021-25027

CVE-2021-25027 affects the WordPress plugin PowerPack Addons for Elementor (versions before 2.6.2). The issue is a failure to escape the tab parameter when outputting it back into an HTML attribute in the admin dashboard, resulting in a reflected Cross-Site Scripting vulnerability. Impact describ...

6.1CVSS6.1AI score0.00876EPSS
Exploits2References2Affected Software1
CNNVD
CNNVD
added 2022/01/03 12:0 a.m.5 views

WordPress plugin 跨站脚本漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin PowerPack Addons for Elementor, which stems from the program failing to escape...

6.1CVSS5.3AI score0.00876EPSS
Exploits2References3
wpexploit
wpexploit
added 2021/12/06 12:0 a.m.49 views

PowerPack Addons for Elementor < 2.6.2 - Reflected Cross-Site Scripting

The plugin does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS2.1AI score0.00876EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2021/12/06 12:0 a.m.17 views

PowerPack Addons for Elementor < 2.6.2 - Reflected Cross-Site Scripting

The plugin does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue PoC...

6.1CVSS0.7AI score0.00876EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2021/12/06 12:0 a.m.27 views

WordPress PowerPack Addons for Elementor plugin <= 2.6.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress PowerPack Addons for Elementor plugin versions = 2.6.1. Solution Update the WordPress PowerPack Addons for Elementor plugin to the latest available version at least 2.6.2...

6.1CVSS3.6AI score0.00876EPSS
Exploits2References3Affected Software1
CNVD
CNVD
added 2021/05/10 12:0 a.m.6 views

WordPress Elementor Addons-PowerPack Addons for Elementor Cross-Site Scripting Vulnerability

WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Elementor Addons-PowerPack Addons for Elementor plugin versions prior to 2.3.2. An attacker can exploit this vulnerability to launch a cross-site scripting attack...

5.4CVSS6AI score0.00663EPSS
Exploits1References1
NVD
NVD
added 2021/05/05 7:15 p.m.17 views

CVE-2021-24263

The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4CVSS0.00663EPSS
Exploits1References2
OSV
OSV
added 2021/05/05 7:15 p.m.3 views

CVE-2021-24263

The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4CVSS6.1AI score0.00663EPSS
Exploits1References2
Prion
Prion
added 2021/05/05 7:15 p.m.14 views

Cross site scripting

The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

3.5CVSS5.2AI score0.00663EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/05/05 6:28 p.m.23 views

CVE-2021-24263 PowerPack Addons for Elementor < 2.3.2 - Contributor+ Stored XSS

The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.5AI score0.00663EPSS
Exploits1References2
CVE
CVE
added 2021/05/05 6:28 p.m.50 views

CVE-2021-24263

CVE-2021-24263 affects the WordPress plugin “Elementor Addons – PowerPack Addons for Elementor” prior to version 2.3.2. Concrete details from connected sources show multiple widgets (e.g., Advanced accordion, Counter, and others) are vulnerable to stored XSS by low-privilege users such as contrib...

5.4CVSS5.3AI score0.00663EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/05/05 12:0 a.m.5 views

WordPress 插件跨站脚本漏洞

WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Elementor Addons-PowerPack Addons for Elementor plugin versions prior to 2.3.2. An attacker can exploit this vulnerability to launch a cross-site scripting attack...

5.4CVSS5.3AI score0.00663EPSS
Exploits1References3
Patchstack
Patchstack
added 2021/04/13 12:0 a.m.7 views

WordPress PowerPack Addons for Elementor plugin <= 2.3.1 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities discovered by WordFence in WordPress PowerPack Addons for Elementor plugin versions = 2.3.1. Solution Update the WordPress PowerPack Addons for Elementor plugin to the latest available version at least 2.3.2...

3.2AI score
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/13 12:0 a.m.27 views

PowerPack Addons for Elementor < 2.3.2 - Contributor+ Stored XSS

The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “Advanced accordion” widget accepts a...

3.5CVSS1.3AI score0.00663EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/07/30 12:0 a.m.18 views

MDVA-2009:063 : mdkonline

This update fixes several issues with mdkapplet. On 2009.1 PowerPack, mdkonline wrongly set up the 2009.0 restricted media instead of the 2009.1 ones 50478. Mdkapplet checks once a day if a new distribution is availlable. When checking again for updates every 3 hoours by default, mdkapplet forgot...

6.9AI score
Exploits0References1
OpenVAS
OpenVAS
added 2010/04/16 12:0 a.m.26 views

Mandriva Update for flashplayer MDVA-2010:117 (flashplayer)

Check for the Version of flashplayer OpenVAS Vulnerability Test Mandriva Update for flashplayer MDVA-2010:117 flashplayer Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

7.5CVSS0.4AI score0.0137EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2010/04/14 12:0 a.m.12 views

MDVA-2010:117 : flashplayer

Dependency problems was discovered on Mandriva Linux 2009.0 Powerpack x8664 which prevented the flashplayer and libsmbclient0 packages to install smoothly using MandrivaUpdate. This advisory provides the missing packages. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.9 views

MDVA-2008:201 : mdkonline

This package update adds support for automatically configuring additional software repositories Restricted / Restricted Updates for registered Powerpack users. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on...

7AI score
Exploits0References1
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.9 views

Mandriva Update for mdkonline MDVA-2008:201 (mdkonline)

Check for the Version of mdkonline OpenVAS Vulnerability Test Mandriva Update for mdkonline MDVA-2008:201 mdkonline Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

7.4AI score
Exploits0References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.12 views

Mandriva Update for mdkonline MDVA-2008:201 (mdkonline)

Check for the Version of mdkonline OpenVAS Vulnerability Test Mandriva Update for mdkonline MDVA-2008:201 mdkonline Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

7.4AI score
Exploits0References2
Rows per page
Query Builder