262 matches found
CVE-2021-25027
CVE-2021-25027 affects the WordPress plugin PowerPack Addons for Elementor (versions before 2.6.2). The issue is a failure to escape the tab parameter when outputting it back into an HTML attribute in the admin dashboard, resulting in a reflected Cross-Site Scripting vulnerability. Impact describ...
WordPress plugin 跨站脚本漏洞
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin PowerPack Addons for Elementor, which stems from the program failing to escape...
PowerPack Addons for Elementor < 2.6.2 - Reflected Cross-Site Scripting
The plugin does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue...
PowerPack Addons for Elementor < 2.6.2 - Reflected Cross-Site Scripting
The plugin does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue PoC...
WordPress PowerPack Addons for Elementor plugin <= 2.6.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress PowerPack Addons for Elementor plugin versions = 2.6.1. Solution Update the WordPress PowerPack Addons for Elementor plugin to the latest available version at least 2.6.2...
WordPress Elementor Addons-PowerPack Addons for Elementor Cross-Site Scripting Vulnerability
WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Elementor Addons-PowerPack Addons for Elementor plugin versions prior to 2.3.2. An attacker can exploit this vulnerability to launch a cross-site scripting attack...
CVE-2021-24263
The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24263
The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
Cross site scripting
The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24263 PowerPack Addons for Elementor < 2.3.2 - Contributor+ Stored XSS
The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24263
CVE-2021-24263 affects the WordPress plugin “Elementor Addons – PowerPack Addons for Elementor” prior to version 2.3.2. Concrete details from connected sources show multiple widgets (e.g., Advanced accordion, Counter, and others) are vulnerable to stored XSS by low-privilege users such as contrib...
WordPress 插件跨站脚本漏洞
WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Elementor Addons-PowerPack Addons for Elementor plugin versions prior to 2.3.2. An attacker can exploit this vulnerability to launch a cross-site scripting attack...
WordPress PowerPack Addons for Elementor plugin <= 2.3.1 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities discovered by WordFence in WordPress PowerPack Addons for Elementor plugin versions = 2.3.1. Solution Update the WordPress PowerPack Addons for Elementor plugin to the latest available version at least 2.3.2...
PowerPack Addons for Elementor < 2.3.2 - Contributor+ Stored XSS
The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “Advanced accordion” widget accepts a...
MDVA-2009:063 : mdkonline
This update fixes several issues with mdkapplet. On 2009.1 PowerPack, mdkonline wrongly set up the 2009.0 restricted media instead of the 2009.1 ones 50478. Mdkapplet checks once a day if a new distribution is availlable. When checking again for updates every 3 hoours by default, mdkapplet forgot...
Mandriva Update for flashplayer MDVA-2010:117 (flashplayer)
Check for the Version of flashplayer OpenVAS Vulnerability Test Mandriva Update for flashplayer MDVA-2010:117 flashplayer Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
MDVA-2010:117 : flashplayer
Dependency problems was discovered on Mandriva Linux 2009.0 Powerpack x8664 which prevented the flashplayer and libsmbclient0 packages to install smoothly using MandrivaUpdate. This advisory provides the missing packages. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the...
MDVA-2008:201 : mdkonline
This package update adds support for automatically configuring additional software repositories Restricted / Restricted Updates for registered Powerpack users. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on...
Mandriva Update for mdkonline MDVA-2008:201 (mdkonline)
Check for the Version of mdkonline OpenVAS Vulnerability Test Mandriva Update for mdkonline MDVA-2008:201 mdkonline Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for mdkonline MDVA-2008:201 (mdkonline)
Check for the Version of mdkonline OpenVAS Vulnerability Test Mandriva Update for mdkonline MDVA-2008:201 mdkonline Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...