Lucene search
+L

386 matches found

RedhatCVE
RedhatCVE
added 2025/12/24 9:39 a.m.16 views

CVE-2025-14163

The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...

4.3CVSS5.3AI score0.00133EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.4 views

WordPress plugin Premium Addons for Elementor 安全漏洞

WordPress Premium Addons for Elementor Plugin is a premium extension plugin developed for the Elementor page builder designed for WordPress websites. WordPress Premium Addons for Elementor Plugin suffers from an information disclosure vulnerability that stems from the exposure of sensitive system...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.8 views

PT-2025-53075

Name of the Vulnerable Software and Affected Versions Leap13 Premium Addons for Elementor versions through 4.11.53 Description A flaw exists in Leap13 Premium Addons for Elementor that could allow unauthorized retrieval of sensitive data. The issue involves the exposure of sensitive system...

7.5CVSS6.1AI score0.00305EPSS
Exploits0References4
OSV
OSV
added 2025/12/23 10:15 a.m.3 views

CVE-2025-14163

The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...

4.3CVSS5.7AI score0.00133EPSS
Exploits0References4
NVD
NVD
added 2025/12/23 10:15 a.m.13 views

CVE-2025-14163

The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...

4.3CVSS0.00133EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/23 9:20 a.m.3 views

CVE-2025-14163 Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template'

The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...

4.3CVSS4.9AI score0.00133EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/23 9:20 a.m.32 views

CVE-2025-14163 Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template'

The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...

4.3CVSS0.00133EPSS
Exploits0References5
CVE
CVE
added 2025/12/23 9:20 a.m.22 views

CVE-2025-14163

CVE-2025-14163 : The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation in insert_inner_template. This enables unauthenticated attackers to forge requests and cause creation of arbitrary Elementor templates, by tricking a ...

4.3CVSS4.9AI score0.00133EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2025/12/23 9:19 a.m.24 views

CVE-2025-14155

Premium Addons for Elementor (WordPress)

5.3CVSS4.9AI score0.00715EPSS
In wildExploits0References5Affected Software1
Cvelist
Cvelist
added 2025/12/23 9:19 a.m.28 views

CVE-2025-14155 Premium Addons for Elementor <= 4.11.53 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'get_template_content'

The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gettemplatecontent' function in all versions up to, and including, 4.11.53. This makes it possible for...

5.3CVSS0.00715EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/23 12:0 a.m.11 views

PT-2025-52732

Name of the Vulnerable Software and Affected Versions Premium Addons for Elementor versions prior to 4.11.54 Description The Premium Addons for Elementor plugin for WordPress is susceptible to Cross-Site Request Forgery. This is caused by a lack of nonce validation within the insert inner templat...

4.3CVSS6.3AI score0.00133EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/12/23 12:0 a.m.4 views

WordPress plugin Premium Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

5.3CVSS6.4AI score0.00715EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/23 12:0 a.m.6 views

PT-2025-52731

Name of the Vulnerable Software and Affected Versions Premium Addons for Elementor versions prior to 4.11.54 Description The Premium Addons for Elementor plugin for WordPress has a flaw that allows unauthorized access to data. A missing capability check on the get template content function allows...

5.3CVSS6.4AI score0.00715EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/12/23 12:0 a.m.6 views

WordPress plugin Premium Addons for Elementor 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.5AI score0.00133EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/12/22 11:50 p.m.6 views

WordPress Premium Addons for Elementor plugin <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template' vulnerability

Cross-Site Request Forgery via 'insertinnertemplate' vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Premium Addons for Elementor versions = 4.11.53...

4.3CVSS6.8AI score0.00133EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/12/04 11:12 a.m.5 views

WordPress Premium Addons for Elementor plugin <= 4.11.53 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Mdr in WordPress Plugin Premium Addons for Elementor versions = 4.11.53...

7.5CVSS7AI score0.00305EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-11171

Malware in sbrugna...

5.4CVSS5.5AI score0.0059EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27193

Malicious code in bioql PyPI...

6.4CVSS7.2AI score0.00423EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-27351

Malicious code in bioql PyPI...

6.4CVSS8.6AI score0.00408EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27195

Malicious code in bioql PyPI...

6.4CVSS7.2AI score0.00423EPSS
Exploits0References2
Rows per page
Query Builder